Dozens of hospitals across the US have shut down emergency rooms and suspended services due to a ransomware attack on the facilities’ parent company, Prospect Medical Holdings (PMH), and the FBI is involved. According to local media reports, the attack began on Thursday. The company said in a statement on Friday that it took its systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists. It also said it was focused on addressing the pressing needs of its patients and restoring normal operations as soon as possible.
PMH owns and operates 17 hospitals and more than 165 outpatient facilities and clinics across several states, and the attack forced several hospitals to suspend operations and divert patients to other facilities. Following this incident, the FBI in Connecticut stepped in to investigate.
PMH’s Eastern Connecticut Healthcare Network (ECHN) announced the closure of at least nine other healthcare facilities Friday “until further notice,” including an urgent care and surgery center.
John Riggi, the American Hospital Association’s national advisor for cybersecurity and risk, said the recovery process from such attacks can take weeks, and hospitals must rely on paper systems and human intervention to keep functioning. “These are threat-to-life crimes, which risk not only the safety of the patients within the hospital but also risk the safety of the entire community that depends on the availability of that emergency department to be there,” Riggi said. He added that he does not advise paying ransoms to the attackers, as it may encourage more attacks and does not guarantee the safety of the stolen data.
According to Interesting Engineering, IBM’s annual report on data breaches states that the healthcare industry was the hardest hit by cyberattacks in the year ending in March, reporting the most expensive breaches averaging $11 million each. Riggi also states that sensitive patient data, such as healthcare histories, payment information, and critical research data, make healthcare providers attractive targets for criminal extortionists.
Riggi, who is also a former cybersecurity specialist with the FBI, explains that hospitals have been trying to improve their security and backup systems to avoid and deal with such attacks, but it is very hard to make them totally secure because they need to use the Internet and network-connected technologies to exchange patient information among clinicians involved in a patient’s care.
So far, no ransomware group has stepped forward to claim responsibility for the attack.