Maryland’s Department of Health Faces Ransomware Attack

Maryland’s state Department of Health (MDH) is in the throes of a ransomware attack, which has compounded the problems caused by staggering COVID-19 hospitalization numbers.

MDH announced the attack on Wednesday (Jan. 12), adding that it first began on Dec. 4, according to Maryland Chief Information Security Officer Chip Stewart.

“We have paid no extortion demands, and my recommendation — after consulting with our vendors and state and federal law enforcement — continues to be that we do not pay any such demand,” Stewart said in a statement. “At this time, we cannot speak to the motive or motives of the threat actor.”

He added that the health department’s network team had noticed a server malfunctioning early on Dec. 4, which was eventually escalated to the attention of the IT security team. The state began its incident response plans, notifying authorities and bringing in outside cybersecurity firms.

Stewart said that some services were offline because of the containment approach, in which MDH isolated the sites on the network from one another and from outside sites.

“I want to be clear: this was our decision and a deliberate one, and it was the cautious and responsible thing to do for threat isolation and mitigation,” Stewart said, per the report.

According to Maryland news outlets, the health department and local partners had trouble because of the attack, with the department unable to release COVID-19 case rates.

However, Gov. Lawrence Hogan said the state’s response was the best one, and that the state had not lost money or “compromised millions of people’s data.”

Payroll company Kronos was another service left offline recently because of a ransomware attack. Those types of attacks have become increasingly common, particularly as the pandemic has gone on.

Kronos fell victim to the Log4Shell vulnerability, which has been found in online games, cloud data centers and others. It is a zero-day vulnerability, meaning organizations had no time to patch their systems before it was exploited.