Posted on September 29, 2020 at 3:52 PM
A recent report has revealed that hackers have attacked a major hospital system in the U.S, which has led to the death of a patient.
Over the weekend, Universal Health Services in several locations failed, which had led to some locations using paper and pen to fill patient information.
The Universal Health Services treats millions of patients each year, and has over 400 locations, with the majority of the locations in the U.S. The health care provider also has medical offices in the U.K. as well.
The company has reacted to the attack and noted that it was tackling some IT security issues. However, some reports on the incident indicated that the company has a serious malware infestation, as hackers are asking for a ransom settlement before decrypting the files and removing the malware software.
The health care provider said it has been implementing IT security and currently partnering with other IT security experts to restore operations as soon as possible. However, the company is still offering services via its back-up processes. The statement further revealed that patient care will continue to be delivered effectively and safely.
“No patient or employee data appears to have been accessed, copied, or otherwise compromised,” the statement added.
Attack shuts down computer systems for days
A nurse working at the South Dakota branch of the Universal Health Services also confirmed that computers became very slow and lethargic, and subsequently shut down early Sunday morning, which gave staff no option than to use pen and paper to.
A similar report from another nurse at the Arizona branch also confirmed the breach, with the nurse claiming the medication systems got knocked out on Sunday morning. Facilities in Florida and California were also affected.
Another source said employees were asked to shut down their systems and not to turn them back on again until the problem is rectified in a few days.
Ransomware attacks can be devastating to health centers
Medical centers are at a high risk of losing life-changing data from ransomware attacks. The more disturbing thing is the fact that even when the cybercriminals promise to remove the ransomware and release the data, there is no guarantee they will keep to their word even after the ransom is paid.
Last week, a homicide investigation was launched by the German police, following the death of a woman who was transferred to another hospital after a ransomware attack. This is probably the first death that can be attributed to a hacking attack.
One of the hospital staff, who want to stay anonymous, said the attack has every resemblance of a ransomware attack.
Ransomware is malicious software used to infiltrate computer systems by spreading it across computer networks and encrypting files. The main aim of most of the ransomware attackers is to blackmail the victim into paying a certain amount of money if they want to get their data.
Hackers have intensified their efforts to plant malware to systems and networks, making it difficult for the owners to access their data. Although ransomware is common today, it is rare to see them in medical facilities.
Although most of the patient charts are written on paper presently, the medical center’s patient information is kept online with backup for each file provided by the end of the day.
Ransomware attacks in hospitals and health facilities can be devastating. In 2017, the WannaCry ransomware stain, designed by the North Korean Government, was planted in the UK’s National Health System. About 80 medical facilities were affected, but there wasn’t any reported death because of the incidence. But this time, the ransomware attack led to delays in proper treatment, which caused the death of a patient.
A computer security engineer with ten years of experience in the medical industry, Kenneth White, said ransomware attacks could lead to delays that can directly cause the death of a patient.