“We are implementing extensive IT security protections and are actively working with our IT security partners to restore IT operations as soon as possible,” the statement reads. “Patient care continues to be delivered safely and effectively.”
NBC News Some UHS hospitals have reported having to go back to filing patient information using pen and paper due to the attack. On Reddit and Twitter, there are also reports of UHS facilities redirecting ambulances to other nearby hospitals. “When the attack took place many antivirus programs were disabled by the attack and the hard drives were only activated,”; said one of those reports.
A UHS employee said Sleeping computer they found the files renamed during the attack to include an .ryk extension. That extension is associated with Ryuk ransomware. Like most other ransomware, Ryuk encrypts files to prevent someone from accessing them until they pay a fee.
If UHS is the victim of a ransomware attack, this is not the first time a health care provider has been targeted by a cyberattack. On September 9, Düsseldorf University Hospital in Germany sent a patient to a hospital 19 miles away after hackers compromised their IT systems in a ransomware attack. The patient died while doctors tried to transfer him to the other hospital.