U.S., Canada issue joint alert on 'ransomware' after hospital attacks

By Jim Finkle (Reuters) - The United States and Canada on Thursday issued a rare joint cyber alert, warning against a recent surge in extortion attacks that infect computers with viruses known as "ransomware," which encrypt data and demand payments for it to be unlocked. The warning follows reports from several private security firms that they expect the crisis to worsen, because hackers are getting more sophisticated and few businesses have adopted proper security measures to thwart such attacks. "Infections can be devastating to an individual or organization, and recovery can be a difficult process that may require the services of a reputable data recovery specialist," the two governments said in the alert, distributed by the U.S. Department of Homeland Security and the Canadian Cyber Incident Response Centre. It comes in the wake of reports of a string of ransomware attacks on individuals, businesses and government agencies in the past few months, including some that interrupted services at U.S. hospitals and police departments. Last week the Federal Bureau of Investigation issued a private alert to U.S. businesses, seeking their help in its investigation into the attacks. [L2N1700ST] Thursday's alert said the consequences of ransomware attacks include loss of sensitive or proprietary information, disruption of regular operations, expenses to restore access to computer systems and harm to a victim's reputation. The governments discouraged victims from paying hackers to restore access to their data. "Paying the ransom does not guarantee the encrypted files will be released," the alert said. "It only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information." MedStar, the U.S. capital region's largest healthcare provider, shut down much of its computer network this week to slow the spread of a virus. The Baltimore Sun reported on Wednesday that hackers had used ransomware to encrypt data on some computers and then demanded a ransom of $18,500. Security blogger Brian Krebs last week reported that Henderson, Kentucky-based Methodist Hospital declared an internal state of emergency after falling victim to a ransomware attack. Last month, Hollywood Presbyterian Hospital in Los Angeles paid a ransom of $17,000 to regain access to its systems after a similar attack. (Reporting by Jim Finkle; Editing by Clarence Fernandez)