In the latest in a rash of attacks on hospitals and healthcare providers, Memorial Health System, which has three hospitals serving Ohio and West Virginia, is dealing with the aftermath of a cyberattack. The attack, known now to be ransomware, was first announced on August 15 via the Memorial Health System website. In the first notice, the organization notified the appropriate federal agencies and attempted to contain the infection by cutting off user access to the network. An unnamed third party of cyber-defense experts was also brought in to assess the damage and get the Memorial Health System back to functionality.
The ransomware forced all urgent surgeries to be postponed and allowed only Marietta Memorial Hospital to accept patients for the following medical emergencies: stemi (ST-segment elevation myocardial infarction), stroke, and trauma. All other patients were diverted to other healthcare facilities due to the extensive infection.
Memorial Health System released an update to the original alert on August 18, which gave the following new information:
We have reached a negotiated solution and are beginning the process that will restore operations as quickly and as safely as possible. We are following a deliberate, systematic approach to bring systems back online securely and in a manner that prioritizes our ability to provide patient care. This could happen as early as Sunday,” says Memorial Health System president and CEO Scott Cantley. “As we conduct our IT remediation work, our security experts have been monitoring and have not noted any indication that any patient or employee data has been publicly released or disclosed,” he said... Moving forward, the health system will continue to focus on remediation technology that will be added to already intensive security systems. “It is unfortunate that many health care organizations are confronting the impacts of an evolving cyber threat landscape,” says Cantley. “We continue to implement enhancements to our information security, systems, and monitoring capabilities.”
Ransomware attacks on hospitals and the healthcare sector have escalated since the beginning of the global COVID-19 pandemic. It is a stark reminder of just how far cybercriminals are willing to go for a payday.
Featured image: Shutterstock