TAMPA — A computer drive shared by thousands of workers at the James A. Haley Veterans’ Hospital was shut down five days until this morning after the discovery of a computer virus known as a Trojan.
No information was extracted from the system and there was no change in patient care, hospital officials say.
“There was no breach of data and patient care operations have not been affected,” said hospital spokeswoman Karen Collins. Internet security personnel “are completing the final checks on the remediation process before opening up the S drive for normal usage,” Collins said Tuesday afternoon.
In an email at 10 a.m. today, Collins said the shared drive is back up.
The drive, where hospital personnel can store documents and other information to be shared, can be used by anyone with access to the hospital’s system. Collins said that more than 4,000 people work at Haley and have access.
The the system’s security programs detected what is known as a ransomware Trojan. This is a virus that enters a computer system when a user is tricked into clicking on a link in an email or on a website that gives the virus access. Users are often asked to pay money to restore the compromised documents.
“Some documents on the shared drive were infected and that set off an alarm,” Collins said. “This affects all employees with computer access, more than 4,000 people.”
Regional internet security staff “is still reviewing any cost associated with this event and there doesn’t seem to be any major work disruptions at this time,” Collins said.
Items that were on the drive were being backed up, Collins said, but a local cybercrime website said that may not recover all the lost data.
“Once these files are encrypted, the only way to get them back is to restore a recent backup or pay the ransom,” according to the website of KnowBe4, a Clearwater-based cyber security firm.
The website sites other sources to say that about a third of companies fail to test their backups and and that three-fourths of backups failed to restore.
Collins said the hospital has not paid any ransom. Citing security concerns, she declined to talk about how long files are backed up in the system.
Stu Sjouwerman, KnowBe4 chief executive officer, said ransomware Trojan viruses “are the next wave in cybercrime.”
They are often the work of “Eastern European cyber mafia,” Sjouwerman said. “This is a crime that brings in tens of millions of dollars.”
Ransomware Trojan attacks often leave systems vulnerable even after the malware has been removed, he said, but Collins said whoever sent the virus to the Haley system has no further access.