Apologies from a notorious hacker gang
“We apologize for the SickKids hack and will provide a free decryption. A hospital affiliate violated policy, was prevented and removed from our affiliate program,” the group announced over the weekend, almost two weeks after the ransomware attack on SickKids Hospital.
SickKids is a Canada-based teaching, research and children’s hospital. The incident happened on December 18 and affected the hospital’s systems, phone lines and associated websites. As a result, delivery of test results and images is slower, causing patients to wait longer. By December 29, 2022, only about 50% of the system should be restored.
LockBit acknowledged that the attack was carried out by cyber criminals working with this group. The team sends files to decrypt the locked data. book page Beeping computer says Decoder for Linux/VMware ESXi systems, not Windows, indicating a new hack attack on hospital VM systems.
LockBit is currently one of the most dangerous hacking organizations in the world and specializes in ransomware as a service. Partners use this group’s ransomware to attack organizations and demand ransoms, then share 20% of the proceeds with LockBit.
Group conditions prohibit partners from attacking medical facilities such as cardiovascular centers, neurosurgical units, maternity hospitals, etc. “This is an organization that may need to conduct procedures. High tech operations, computer use and file encryption can lead to death. ‘ explains LockBit. However, the group still allows partners to target pharmaceutical, dental and plastics companies.
Despite the above steps, LockBit is still doomed. Despite a statement from the hospital on December 18, the team gave no reason for the delay in shipping the decoder. The group was previously accused of being involved in an attack on a 1,000-bed hospital in France for a multimillion-dollar ransom, resulting in the displacement of many patients and the suspension of operations.
In May 2021, another well-known hacker group, Conti Ransomware, also had to provide decryption following an attack on Ireland’s healthcare system and threats from international law enforcement agencies.