Ransomware attack cripples hospital system

September 30, 2020

The Sunday morning attack against Universal Health Services may be the largest in U.S. history, according to media reports.

Cybersecurity experts say a ransomware attack against Universal Health Services (UHS) has taken down the hospital system’s digital networks at various sites across the country.

It may be the largest cyber attack in U.S. history, according to NBC news.

In a statement, UHS acknowledged that the IT network across their company is offline due to a “security incident.” The company says that it does not appear that any patient or employee data was accessed during the attack and that their U.K. operations have not been affected.

"UHS implements extensive IT security protocols to protect our systems and data, and we are working diligently with our IT security partners to restore IT infrastructure and business operations as quickly as possible,” the statement says. “We are making steady progress with recovery efforts. Certain applications have already started coming online again, with others projected to be restored on a rolling basis across the U.S.”

According to a report from Wired, hospital personnel say that they have moved to an all-paper system due to the attack which has left patients being rerouted to other emergency departments and waiting for appointments and test results.

With 400 facilities in the U.S. and the U.K., UHS employs more than 90,000 people who provide healthcare to about 3.5 million patients each year. The attack was undertaken overnight in an effort to encrypt and lock down as many systems as possible. Screens at facilities in California, Florida, Texas, Arizona, and Washington D.C. were changed to display a ransom message, according to Bleeping Computer, which first reported the attack.

Bleeping Computer cites an expert who says that the attack likely originated through phishing and that four patients have died due to physicians having to wait for lab results to arrive via currier.

Oliver Noble, an encryption specialist with Nordlocker, says in a Medical Economics article that some of the things physicians and hospitals can do to keep their IT systems safe include:

  • Adopt zero-trust network access, meaning that every access request by a member of medical staff should be granted only after their identity has been appropriately verified.
  • Encrypt medical files to avoid data leaks in ransomware. Business encryption solutions make sure important information stored on corporate computers is always protected from prying eyes with strong encryption. The tool also offers an encrypted cloud for easy access and secured data storage.
  • Have up-to-date backups available to keep the chances of data loss as slim as possible. If an attack is successful, there will still be an unaffected older version of the files. Again, a cloud solution for companies is a great way to back up data.