Cyber Incident Victim: Sky Lakes Medical Center
Date: Oct 2020
Location: United States of America
Summary
A ransomware attack impacted Sky Lakes Medical Center and numerous other U.S. healthcare facilities, part of a coordinated wave attributed to a cybercrime gang using Ryuk malware distributed via the Trickbot botnet. Federal agencies issued warnings about the imminent threat, noting the attacks caused significant IT disruptions that forced affected hospitals to revert to paper records for certain services. The incidents, linked to Russian cybercriminals, potentially compromised up to 20 medical facilities, though the full scope remained unclear due to delays in reporting and assessment.
Description
In late October 2020, Sky Lakes Medical Center in Oregon became one of multiple U.S. healthcare facilities targeted in a coordinated ransomware campaign linked to Russian cybercriminals. The attack occurred amid a broader surge targeting hospitals, with federal agencies issuing a joint warning on October 28, 2020, about an "increased and imminent cybercrime threat" to the healthcare sector. Attackers deployed Ryuk ransomware, a strain known for encrypting critical systems until payment is made, which spread through compromised networks via the Trickbot botnet infrastructure. Sky Lakes Medical Center experienced operational disruptions that forced staff to revert to paper records for certain services, though the specific duration of these disruptions was not publicly disclosed. The incident formed part of a wave affecting as many as 20 medical facilities nationwide, including the University of Vermont Health Network, Dickinson County Healthcare System, and St. Lawrence Health System.

Federal authorities confirmed the attacks originated from the same cybercrime group, though no specific attribution beyond Russian ties was provided in public advisories. Sky Lakes Medical Center spokespersons acknowledged IT system compromises but did not detail the exact systems affected or whether patient data was exfiltrated. The hospital continued operations using contingency measures while investigating the scope of the incident. Cybersecurity experts noted significant challenges in determining the full impact due to delayed incident reporting and varying disclosure practices among victims. No ransomware payment details or specific recovery timelines were confirmed for Sky Lakes Medical Center, though the coordinated federal alert emphasized the urgency for healthcare providers to implement defensive measures against the ongoing threat.
