The LockBit ransomware gang has issued an apology for the SickKids attack, stating that a “partner” was behind it.
The well-known LockBit ransomware gang has apologized for the attack on the Canadian research hospital known as The Hospital for Sick Children, or SickKids. The group has claimed that a “partner” was responsible for the attack.
A LockBit “Partner” Was Allegedly Behind the SickKids Attack
On December 18, 2022, Canadian research hospital SickKids suffered a ransomware attack that affected the hospital website, phone lines, and certain systems.
In a SickKids website post, it was stated that there was “no evidence that personal information or personal health information [was] impacted.” This was followed up by an additional SickKids post, wherein readers were informed that “Some patients and families may still experience diagnostic and/or treatment delays while SickKids works to restore all systems.” At the end of December, SickKids confirmed that almost half of its systems had been fully restored.
It didn’t take long for LockBit, a globally recognized ransomware gang, to apologize for the incident, using a site on the dark web to do so. While LockBit is concerned with illegal activities, the gang allegedly has a rule that forbids operators from targeting hospitals.
LockBit Offers Free Decryptor for SickKids Attack
In light of this attack, LockBit offered a free decryptor for SickKids so that their systems and services could recover.
While LockBit has apologized and allegedly blocked the partner who launched the attack, SickKids is yet to use the decryptor provided by the group. This seems to be the first time that LockBit has apologized, let alone offer a free decryptor, so suspicions have arisen around its safety.
In SickKids’ most recent post on the incident, it was stated that the organization is aware of the decryptor, but wants to “validate and assess the use of the decryptor” before doing anything else.
Ransomware Attacks Are on the Rise
Ransomware attacks are increasing in their prevalence as the years pass, with Norton stating in a report that ransomware-as-a-service is experiencing an uptick in demand. What’s more, the number of ransomware attacks that took place in 2022 was a shocking 85% higher than 2021.
While individuals are at risk of being targeted by ransomware operators, the chance of a large organization being successfully attacked is even more concerning, as this could disrupt key operations and put hordes of sensitive customer data at risk.
LockBit and Other Ransomware Gangs Are an Ongoing Threat
While ransomware attacks can come from any cybercriminal, large ransomware gangs such as LockBit continue to be a big concern for the public and law enforcement alike. We may see further ransomware gang attacks in 2023, be it on organizations, governments, or individuals.