Some ransomware groups pledge not to encrypt any medical entity if doing so would risk life. Not all ransomware groups have taken that pledge, however, and even some that claim they will not encrypt, do. Scripps News reports a ransomware attack is affecting blood availability to hospitals throughout the southeast U.S.:
A nonprofit blood donation center that serves more than 250 hospitals in the southeastern United States was hit with a cyberattack that left computers disabled and disrupted services.
The Florida-based OneBlood, which also offers services in Georgia and the Carolinas, said Wednesday it was experiencing a “ransomware event” on its software systems. Ransomware attacks are a type of cyberattack in which hackers use malware to encrypt data or software systems and demand a ransom be paid in exchange for restored access
OneBlood has created a web page for information and updates. There is an urgent need for blood donors because although while OneBlood is still operating, its functions have been significantly slowed by the attack.
At the present time, OneBlood does not know if any personal or protected health information has been accessed or acquired.
While their web page states that they are the victim of a ransomware attack, they do not mention what group or threat actor is responsible or whether there are any negotiations over ransom. No ransomware group has claimed responsibility as yet.