The Baltimore Sun, which says it's got a copy of the ransom demand, reports that MedStar Health was indeed hit by ransomware, specifically Samsam, a.k.a. Samas, a.k.a. MSIL. The attackers are said to have offered a bulk discount rate—$18,500 to unlock all affected systems. (Thus the Hollywood Presbyterian incident, in which the hospital paid $17,000, seems to have set the market.) MedStar is gradually recovering: physicians' read-access to electronic health records was restored yesterday.
Ransomware is also appearing in attacks against some US Federal Government agencies. The Department of Homeland Security said yesterday that more than two-dozen US agencies have sustained ransomware attempts since July 2015. And Trend Micro reports that PowerWare ransomware is being used to target US taxpayers' information.
Problems other than ransomware arise for healthcare in the Internet-of-things. ICS-CERT warns that independent researchers have found some 1400 vulnerabilities in an older but still widely used automated cabinet for dispensing medical supplies, CareFusion’s Pyxis SupplyStation.
Cisco has patched its Firepower System Software.
US indictment of Iranian nationals in what we've come to think of as the Bowman Dam incident is seen as an example of American "name-and-shame" approach to agents of foreign governments who hack US targets. President Obama, warning that the country still faces a state of national emergency with respect to cyber, extends the Treasury Department's sanction authority.
The FBI's still not saying how it got into the San Bernardino jihadi's iPhone, but it's already been asked to unlock a phone in another murder investigation.