In multiple states, hospitals and clinics, including those in Manchester, Conn., are currently undergoing a laborious recovery process after a severe cyberattack disrupts their computer systems. The incident compels some emergency rooms to shut down, diverting ambulances to alternative facilities. Security experts actively assess the situation at Prospect Medical Holdings’ facilities, determining the full extent of the problem and finding a resolution. John Riggi, the American Hospital Association’s national advisory for cybersecurity and risk, states that the recovery process can often take weeks, with hospitals resorting to paper systems and humans to manage equipment and records between departments.
The situation attracts the attention of national authorities, with the White House closely monitoring the cyberattack. The Department of Health and Human Services contacts the affected company, offering federal assistance to prevent disruptions to patient care resulting from the incident. In Connecticut, Manchester Memorial and Rockville General Hospital face closures of their emergency departments, redirecting patients to nearby medical centers. A national Prospect team actively evaluates the attack’s impact on all involved organizations.
The FBI in Connecticut collaborates with law enforcement partners and the victim entities in response to the incident but refrains from disclosing further details due to the ongoing investigation. Although the incident displays characteristics of extortive ransomware, officials have not officially confirmed or denied this speculation. Such attacks involve criminals stealing sensitive data from targeted networks, activating encryption malware to paralyze the systems, and demanding ransoms.
The FBI strongly advises against paying ransoms as there is no guarantee that the stolen data won’t eventually be sold on dark web criminal forums. Riggi emphasizes that paying ransoms also encourages the criminals and finances future attacks.
As a result of the attack, elective surgeries, outpatient appointments, blood drives, and other services were suspended. While the emergency departments reopened late Thursday, many primary care services were closed on Friday, according to the Eastern Connecticut Health Network, which runs many of the Connecticut facilities. Patients receive individual contacts regarding the situation, and similar disruptions are reported at other facilities system-wide.
In Pennsylvania, the attack affected services at facilities including the Crozer-Chester Medical Center in Upland, Taylor Hospital in Ridley Park, Delaware County Memorial Hospital in Drexel Hill, and Springfield Hospital in Springfield, according to the Philadelphia Inquirer.
In California, the company operates seven hospitals in Los Angeles and Orange counties, including two behavioral health facilities and a 130-bed acute care hospital in Los Angeles, according to Prospect’s website. Messages sent to representatives for these hospitals were not immediately returned.
Globally, the healthcare industry experienced the most cyberattacks in the year ending in March, according to IBM’s annual report on data breaches. For the 13th straight year, it reported the most expensive breaches, averaging $11 million each. Next was the financial sector at $5.9 million.
Healthcare providers are common targets for criminal extortionists due to their possession of sensitive patient data, including healthcare histories, payment information, and even critical research data, as highlighted by Riggi.
Riggi, a former cybersecurity specialist with the FBI, mentions that hospitals have been working to put in place better safeguards and more backup systems to prevent such attacks and respond to them when they occur. But he notes that it is almost impossible to make them completely safe, especially because the systems need to rely on Internet and network-connected technologies to share patient information among clinicians involved in a patient’s care.
Story credit
Related stories:
