iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
In an odd turn of events for one of the most notorious ransomware gangs in the world, LockBit has issued an apology for its attack on the largest children’s hospital in Canada.
The Hospital for Sick Children (SickKids) fell victim to a cyber attack on 18 December that prevented it from accessing many of its systems and databases, causing delays with lab and imaging results and increasing patient wait times.
Following SickKids releasing a statement on the 29th of December announcing that it had restored 50 per cent of its systems, LockBit issued an apology.
LockBit offers its ransomware infrastructure as a service to partners and affiliates who use the provided encryptors and websites to breach networks, steal data and lock devices. LockBit then keeps 20 per cent of the profits.
However, LockBit also as rules of conduct, forbid those partners from encrypting data of medical institutions where the consequences could be death.
In the apology, the ransomware giant announced that the partner who conducted the attack is now no longer associated or connected to LockBit.
“We formally apologize for the attack on sikkids.ca and give back the decryptor for free, the partner who attacked this hospital violated our rules, is blocked and is no longer in our affiliate program,” said LockBit.
SickKids has announced that it is aware of the apology and is currently working with security experts to “validate and assess the use of the decryptor”.
Questions are now being raised as to why LockBit took so long to apologise and provide a decryptor if targeting medical institutions was against its policies.
Furthermore, LockBit has targeted medical institutions where their attacks could lead to a patient’s death before, such as its attack on the Centre Hospitalier Sud Francilien in France, where it leaked patient data after the victim refused to pay a $10 million ransom.
While the ransomware group’s policies do allow the theft of data from any medical institution provided that there is no risk of death, the attack delayed treatments and surgeries to patients which put their health and lives at risk.
In what is believed to be an unrelated incident, SickKids announced on Sunday that it had to take down two websites after “potential unusual activity” was detected.
Be the first to hear the latest developments in the cyber industry.
