The LockBit ransomware gang has issued an apology for the SickKids attack, saying a “partner” was behind it.
The notorious LockBit ransomware gang has apologized for the attack on the Canadian research hospital known as The Hospital for Sick Children, or SickKids. The group claimed a “partner” was responsible for the attack.
LockBit ‘partner’ allegedly behind SickKids attack
On December 18, 2022, the Canadian research hospital SickKids suffered a ransomware attack that affected the hospital’s website, phone lines and some systems.
In one Publication on the SickKids websiteit was stated that there was “no evidence that any personal information or personal health information [was] affected. This was followed by a additional post SickKids, in which readers were informed that “Some patients and families may still experience diagnostic and/or treatment delays while SickKids works to restore all systems.” In late December, SickKids confirmed that nearly half of its systems had been fully restored.
It didn’t take long for LockBit, a globally recognized ransomware gang, to apologize for the incident, using a site on the dark web to do so. While LockBit is concerned about illegal activity, the gang reportedly has a rule that prohibits operators from targeting hospitals.
LockBit offers free decryptor for SickKids attack
In light of this attack, LockBit offered a free decryptor for SickKids so their systems and services could recover.
While LockBit apologized and reportedly blocked the partner who launched the attack, SickKids has yet to use the decryptor provided by the group. This seems to be the first time that LockBit has apologized, let alone offered a free decryptor, so suspicions have arisen around its security.
In Most recent message from SickKids about the incidentit was stated that the organization is aware of the decryptor, but wants to “validate and evaluate the use of the decryptor” before doing anything else.
Ransomware attacks are on the rise
Ransomware attacks are increasing in their prevalence over the years, with Norton stating in a report that ransomware-as-a-service is seeing an increase in demand. Additionally, the number of ransomware attacks that took place in 2022 was a shocking 85% more than in 2021.
While individuals risk being targeted by ransomware operators, the likelihood of a large organization being successfully attacked is even more concerning, as it could disrupt key operations and put hordes of sensitive customer data at risk.
LockBit and other ransomware gangs are an ongoing threat
Although ransomware attacks can come from any cybercriminal, large ransomware gangs such as LockBit continue to be of great concern to the public and law enforcement. We could see more ransomware gang attacks in 2023, whether against organizations, governments, or individuals.
