LockBit Ransomware Gang Issues Apology and Offers Free Decryptor for SickKids Hospital Attack
Branded "Together We Can Build A New SickKids," the initiative will call on Torstar readers and staff to raise money to help the hospital meet the needs of the 21st century.

LockBit Ransomware Gang Issues Apology and Offers Free Decryptor for SickKids Hospital Attack

After claiming that one of its partners was responsible for a cyberattack on Canada’s largest paediatric hospital, one of the world’s most known ransomware gangs offered a rare apology. On December 18th, the Hospital for Sick Children (SickKids) in Toronto was the target of a ransomware attack that rendered several of the institution’s vital systems inoperable. Patient wait times increased as a result of the incident. SickKids announced on December 29th that it has restored access to about half of its priority systems, including those that had caused diagnostic and treatment delays.

Security researcher Dominic Alvieri discovered an apology from the LockBit gang for its involvement in the event over the weekend. The group stated that it would supply SickKids with a free decryptor and that it had blocked the “partner” who carried out the hack for breaking the gang’s rules. According to BleepingComputer, the LockBit gang operates a “ransomware-as-a-service” operation. Affiliates of the group conduct the dirty job of locating targets to breach and extort payment from, while the main operation maintains the virus that partners use to lock systems. As part of the deal, the gang takes a 20% cut of all ransom payments. Furthermore, the group asserts that adherents are not permitted to target “medical establishments” when an attack could result in death.



SickKids acknowledged the assertion on Sunday and said it was working with outside security experts to “verify and assess the use of the decryptor,” adding that no ransom payments had been received. The hospital also stated that it had recently regained access to roughly 60% of its priority system. It’s unclear why the LockBit gang waited nearly two weeks to offer assistance to SickKids if the attack violated its code. It’s also worth noting that the gang has a track record of targeting hospitals and failing to deliver a decryptor. For example, earlier this year, the gang demanded a $1 million ransom from the Center Hospitalier Sud Francilien in France, and after the hospital refused to pay, the group leaked patient data.

No votes yet.
Please wait...