After COVID, the hospitals are now facing a more significant problem that poses more severe threats to the health system. Ransomware assaults on hospitals are growing more frequent this year, with at least five cases reported in the last few weeks. Last month, the FBI issued a warning saying that hospitals and healthcare systems may soon become a target of severe ransomware attacks.
A ransomware assault might result in the loss of personal information such as medical information, Social Security numbers, home addresses, and insurance information. In case of an attack, the hackers encrypt data and demand heavy ransom to decrypt it. The hospital gets the data if they agree to pay the money. If denied, the hospital loses all its data and has to rely entirely on backup data.
Oklahoma Healthcare System
In Oklahoma, the health system runs many care locations, specialist offices, hospitals, and clinics. On June 13, Stillwater Medical Center was attacked by ransomware and is presently experiencing electronic health record outages as it works to restore service. Because the attack disrupted computerized health records, the hospital had to rely on pen and paper.
After the hack blocked access to some systems, the organization’s IT staff reacted quickly and protected the environment. In addition, officials contacted police forces and sought the help of a forensic firm in the investigation and recovery operation.
According to claims on social media, the issue also impacted the online patient portal, email servers, and application. In addition, Stillwater hospital also experienced significant disruptions in its phone system. The latest update shows that phone service continues to be working only intermittently throughout the health system.
According to the most recent report from the local news source, the hospitals are still operating under EHR shutdown protocols. Some workers are afraid that the breach is having a detrimental influence on patient care.
The hospital’s staff is directly phoning pharmacies to verify patient prescription histories. There have also been incidents of personnel mismatching patients with incorrect lab records. The disruptions have also resulted in lengthy delays in receiving lab findings
For the time being, UF Health’s IT experts are working to bring the systems down. However, the duration of the operation has yet to be established by officials.
The Oklahoma attack was the latest in a series of recent attacks on healthcare providers. The incident at Stillwater Medical Center recalls a ransomware attack two weeks ago on two University of Florida Health facilities, the Villages Regional Hospital and Leesburg Hospital.
On May 31, the hospitals reported a potential ransomware assault. The hack triggered unusual activity on the computer systems, causing IT workers to rapidly shut down several IT systems to preserve patient data and limit the cyber-attacks spread.
Who Sent This Ransomware?
The assault has been traced to the infamous Conti hacker gang, which has targeted the health and fitness treatment sector last year, even as the industry battled the virus.
The attackers have stolen troves of healthcare information from various general healthcare companies linked to these assaults.
The increasing number of attacks requires the attention of security officials to decrease the potential loss of money and data. For example, in 2020 alone, 92 different ransomware attacks hit over 600 clinics, hospitals, and institutions, affecting over 18 million patient records. The cost of these assaults is estimated to be about $21 billion.
The hospitals should take preventive measures to avoid such losses. They should:-
- Have an up-to-date, solid, and secure anti-virus system on all corporate computers.
- Have their data copied, protected, and safely stored in a cloud server having employees access to it.
- Have insurance to cover money loss in case of a potential ransomware attack.
Rogue Logics provides in-depth security services for the assessment and protection of your application, data, and infrastructure against potential threats on-prem or in the cloud.
Want a consultation with the professionals at Rogue Logics, contact us and get a free quote.