Return to code red: hacking the halls of medicine

18 snips

Mar 17, 2026

A small Oregon hospital’s computers go dark after a ransomware hit, forcing staff to switch to pen-and-paper workflows. Engineers trace the breach to a phishing click that spread through imaging systems and Windows servers. The team weighs paying a Ryuk ransom versus rebuilding, salvages most medical images, and spends weeks restoring validated clinical systems.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ANECDOTE

Mass Shutdown And Paper Relays Keep Hospital Afloat

Sky Lakes' IT team shut down 2,500 computers and 600 servers to stop Ryuk from spreading.
Staff reverted to paper: bought all local paper, used clipboards, and ran physical orders across the hospital to keep care going.

ADVICE

Shut Networks Offline Immediately To Stop Spread

When ransomware is detected, isolate systems immediately and power down networked machines to stop lateral spread.
Sky Lakes ordered an urgent offline shutdown after backups were encrypted within minutes.

INSIGHT

Backups Can Be Compromised Too

Attackers can target and encrypt backups quickly, nullifying standard recovery plans.
Sky Lakes watched their email restore begin and then be re-encrypted within minutes, revealing backups aren't foolproof.

Get the Snipd Podcast app to discover more snips from this episode