Ransomware attackers have breached Europe’s largest private hospital operator, affecting not just its European branches, but every part of the company’s operations around the globe, sources say.
Infosec journalist Brian Krebs reported yesterday that Fresenius Group, Europe’s largest private hospital operator and a major provider of dialysis products and services, had been hit by ransomware, affecting operations worldwide.
The tip arrived from an anonymous reader who apparently works at Fresenius Kabi’s U.S. operations. He told Krebs that “computers in his company’s building had been roped off,” and that the apparent culprit was the Snake ransomware strain.
Snake recently joined the onslaught of big-name ransomware families like Ryuk, BitPaymer, DoppelPaymer, Sodinokibi, Maze, MegaCortex and LockerGoga, targeting enterprises and critical infrastructures. Snake is designed to pinpoint enterprise management processes and large-scale industrial control systems (ICS).
Fresenius spokesperson Matt Kuhn confirmed to Krebs that the company was indeed battling a cyber-attack.
“I can confirm that Fresenius’ IT security detected a computer virus on company computers,” Kuhn said. “As a precautionary measure in accordance with our security protocol drawn up for such cases, steps have been taken to prevent further spread.
“We have also informed the relevant investigating authorities and while some functions within the company are currently limited, patient care continues,” he said. “Our IT experts are continuing to work on solving the problem as quickly as possible and ensuring that operations run as smoothly as possible.”
It is unclear if Fresenius management will pay Snake operatives ransom, but according to Krebs’ tipster, this is not the firm’s first ransomware contagion. In fact, it allegedly paid $1.5 million to recover from a previous ransomware infection. The source also stressed that “This new attack is on a far greater scale.”