Ransomware gangs are RUTHLESS. They’ll steal your money without even batting an eye. However, every once in a while you have a cybercriminal with a conscience.

On December 18, 2022, Canada’s Hospital for Sick Children (SickKids) were the victims of a ransomware attack. The hospital, a teaching and research hospital based in Toronto, reported that the attack impacted their internal systems, phone lines and website.

The attack on the hospital was conducted by criminals who used a Ransomware-as-a-Service kit supplied by notorious ransomware group LockBit.

As a result of the attacks, the SickKids predicted that it would take weeks before all systems were back up-and-running as they should. They also warned patients and families that longer wait times should be expected. Two weeks later, by the end of the year, half of the hospitals’ systems were back online after emergency recovery plans were put into action.

The security incident was a perfect recipe for media attention. The fact that criminals were targeting sick children during Christmas time caused this story to blow up in the media.

The fact that the story picked up traction so quickly during the holidays could have been one of the motivating factors as to why LockBit decided to release a rare apology to SickKids, as well as a free decryption key so that the hospital could get systems back up and running. In their apology they state “We formally apologize for the attack on sickkids.ca and give back the decryptor for free, the partner who attacked this hospital violated our rules, is blocked and is no longer in our affiliate program.”

Although the right thing to do, It’s hard to believe this apology was genuine. Instead, it’s likely that LockBit just realized that hitting a hospital for sick children is a despicable act, and not worth any amount of money they were trying to extort.

Story via Tripwire