Ransomware Threatens Production of 300 Ventilators Per Day

The DoppelPaymer gang deployed a ransomware attack against ventilator manufacturer Boyce Technologies amid the COVID-19 pandemic.

The FDA-approved Coronavirus ventilator manufacturer Boyce Technologies has been targeted by ransomware launched by the DoppelPaymer gang, who are  threatening to leak data from the company.

Cointelegraph has viewed the DoppelPaymer blog, where the gang lists example files of the data stolen during the attack, including sales and purchase orders, assignment forms, among others.

Boyce technologies inc

The cybercriminals have threatened that more information will be disclosed next week through the site if an undisclosed crypto ransom is not paid by the firm.

Boyce Technologies is well-known for its work in designing and manufacturing FDA-approved low-cost ventilators in just 30 days during the first months of the COVID-19 pandemic, amid the big demand for the machines across New York hospitals.

Prior to the attack the company was making 300 units a day with the help of the robots built by the company.

Healthcare sector under threat despite COVID-19 pandemic

Speaking with Cointelegraph, Brett Callow, threat analyst and ransomware expert at malware lab, Emsisoft, warns that such attacks on hospitals, medical testing labs, and medical device manufacturers may not only cost money, “they may cost lives as well.” He adds:

“Unfortunately, ransomware will continue to be a problem for as long as ransoms continue to be paid, and this is something organizations should keep this in mind. If they choose to pay, they’re helping to ensure that other organizations will be hit in future, and those organizations may be ones that provide critically important services.”

As of press time, Boyce Technologies has not issued an official statement addressing the ransomware attack, nor additional information on what extent the attack has impacted their operations.

Microsoft’s security team revealed more details in May about DoppelPaymer as a ransomware deployed in human-operated attacks. It uses “brute force” against a target company’s systems management server, and mainly has targeted the healthcare sector amid the COVID-19 crisis.