Three US hospitals have been forced to temporarily close their doors to “all but the most critical new patients” following a ransomware outbreak.
“A criminal is limiting our ability to use our computer systems in exchange for an as-yet unknown payment,” said DCH Health System.
DCH operates the three affected hospitals in Alabama.
One cyber-security expert said the groups using ransomware were becoming increasingly well organised.
Computers at the DCH Regional Medical Center in Tuscaloosa, Fayette Medical Center and Northport Medical Center were infected with ransomware.
The incident was first reported on 1 October.
“We will continue to divert any new admissions, other than those that are critical, to other facilities,” DCH said in its statement.
Local ambulances have been asked to take patients to other local hospitals instead, where possible.
Outpatients with appointments at any of the three hospitals were advised to call before attending them.
However, elective procedures and surgery already scheduled for 2 October were planned to go ahead.
It is not yet known what group or individual launched the ransomware.
Australian hospitals struck
Separately, seven hospitals in Australia have also reported disruptive ransomware infections.
“Some elective surgery and appointments have been cancelled,” said Barwon Health, one hospital operator affected by the incident.
The Government of Victoria said the seven hospitals were located in Gippsland and south-west Victoria.
Multiple computer systems have had to be disconnected as a result, which has meant some patient record, booking and management services have been shut down.
This could affect efforts to contact patients and schedule appointments, the Government of Victoria said: “Where practical, hospitals are reverting to manual systems to maintain their services.”
In cases where patient histories, charts, images and other information has been made unavailable, it may be necessary to reschedule some appointments, the authority added.
Daniel Andrews, Premier of Victoria, told local media it could take “weeks” before the problems were fixed.
The Victorian Government Cyber Incident Response Service has dealt with more than 600 cyber-attacks since July 2018.
“Unfortunately the groups breaking into individual computers at organisations are becoming rapidly better at obtaining access across networks, and then causing chaos with a goal to being paid,” said UK-based cyber-security expert Kevin Beaumont.
“This problem isn’t going to go away,” he added.
He said organisations needed to review their security procedures and ensure that backups were in place – and also that such backups had been recently tested – so that data and systems could be restored in the event of a ransomware infection.