Yet again, ransomware wreaked havoc on several hospitals this week. On Tuesday, Sky Lakes Medical Center in Oregon suffered a ransomware attack. That same day, ransomware also hit three hospitals of the St. Lawrence Health System across the country in New York. Then on Thursday, six hospitals the University of Vermont Health Network (UVM) became the next victims.
The attacks affected each individual hospital differently.
- Sky Lakes Medical Center simply said that computer systems were “down” and delayed any procedures requiring imaging services.
- Meanwhile, the St. Lawrence Health System “disconnected all systems and shut down the affected network to prevent further propagation.”
- The attack on UVM hospitals primarily delayed elective procedures and lab results that also impacted local private practices.
These incidents raise serious concerns after an attack shut down most Universal Health Services (UHS) hospitals at the beginning of October. As a result, it forced doctors and nurses back to using pen and paper for patient information.
Back in July, a ransomware attack disrupted drug delivery, radiation therapy, and medical imaging services at the Samaritan Medical Center in New York. Payroll and accounting departments also fell back to paper records.
Federal Security Alert
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) jointly released a cyber alert. Their key findings were listed as:
CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.
These issues will be particularly challenging for organizations within the COVID-19 pandemic; therefore, administrators will need to balance this risk when determining their cybersecurity investments.
Data Lives At Risk
Previously, cyberattacks only threatened the security of patient data. In recent attacks, patients stand to lose much more. During the UHS attack, one report says that a person died as an ambulance was diverted to another hospital during an emergency. Consequently, officials have opened an investigation into this sad incident.
Back in March, the C5 Alliance reported that cyberattacks had jumped 150% in just two months. There’s no doubt that the number has increased dramatically as the pandemic continues. Forthcoming reports should confirm that fact.
While COVID-19 stretches healthcare workers, ransomware attacks complicate matters dramatically. As workers scramble to save lives, cyberattacks block access to digital tools that help accomplish that goal. The dangers of ransomware have migrated from a screen and into the real world.