Ransomware attack against SickKids said to be unusual.
N2K logoJan 11, 2023

Moody’s released an issuer comment today on the peculiar nature of the cyberattack on a children’s hospital.

Ransomware attack against SickKids said to be unusual.

Moody’s Investors Service released a comment today on the December attack against The Hospital for Sick Children (SickKids) in Toronto. While the impact of the attack itself was contained, the hospital’s exposure to risk, along with an apology and alleged remedy from the threat actors, seems out of the ordinary.

Hospital’s exposure to risk.

The ransomware attack against SickKids took place on December 18.The hospital did not pay the ransom, and the overall attack has been contained, more or less, with 80% of systems back online, and most systems causing delays back to normal. Despite efforts from the hospital over the last few years to mitigate cyber risk, this attack shows that the hospital was still susceptible to ransomware.

LockBit apologizes and offers a remedy.

LockBit apologized on New Year’s Day, and provided an alleged free-of-charge code to the hospital. Moody’s notes that this is par for the course for many cybercrime groups, who avoid children’s hospitals as targets and provide recovery options when they are found to be victimized. Sensitive targets, including children’s hospitals, are also said to garner more unwanted attention from groups working against threat actors, such as government officials and law enforcement.