“We implement extensive IT security protocols and work diligently with our IT security partners to recover IT operations as quickly as possible,” the statement said. “Patient care continues to be provided safely and effectively.”
NBC News reported that some UHS hospitals had to refrain from reporting information to patients with pen and paper because of the attack. There are also messages on Reddit and Twitter about UHS facilities redirecting ambulances to other nearby hospitals. “When the attack happened, many antivirus programs were disabled by the attack and the hard drives just lit up with activity,”
An UHS employee said Bleeping Computer that they saw files renamed during the attack to include the .ryk extension. This extension is related to the Ryuk ransomware. Like most other ransomers, Ryuk encrypts files to prevent anyone from accessing them until they pay a fee.
If UHS had been the victim of a ransomware attack, it would not have been the first time a healthcare provider had been the target of a cyber attack. On September 9, the University Hospital in Dusseldorf, Germany, sent a patient to a 19-mile hospital after hackers compromised their IT systems in a ransomware attack. The patient died while doctors tried to transfer her to another hospital.