After being hit by the LockBit ransomware-as-a-service (RaaS) equipment, the Hospital for Sick Youngsters (SickKids) obtained an surprising vacation present: A free decryptor and an apology from the cybercriminal group.
The youngsters’s hospital, situated in Toronto, introduced on Dec. 19 that it had simply suffered a cyberattack that precipitated what it termed “Code Gray” — i.e., an inner techniques failure. That compelled clinicians to “transition to downtime procedures,” it mentioned, including that it nonetheless believed the assault had solely “impacted a number of inner scientific and company techniques, in addition to some hospital telephone strains and webpages.”
By Dec. 29, the story was a bit extra dire: SickKids admitted that oldsters and sufferers have been experiencing diagnostic and/or therapy delays — a actuality that households ought to anticipate to proceed, in response to an replace from the hospital. Nevertheless, it had managed to revive about half of its affected footprint, it mentioned.
Researcher Dominic Alvieri then tweeted that he had a posting from the LockBit gang’s leak website apologizing for the hit, and blaming the assault on a rogue affiliate who was exterior of the group’s management. LockBit, like many different ransomware bigwigs, rents out its malware to associates who perform the precise assaults in alternate for a 20% reduce of the takings.
“We formally apologize for the assault…and provides again the decryptor without cost, the associate who attacked this hospital violated our guidelines, is blocked and is not in our associates program,” in response to the posting.