A major hospital chain has been hit by what appears to be one of the most massive medical cyberattacks in United States history.
Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend, and some hospitals have had to resort to filing patient information with pen and paper, according to multiple people familiar with the situation.
Universal Health Services did not immediately respond to requests for comment, but posted a statement to its website that its company-wide network “is currently offline, due to an IT security issue. One person familiar with the company’s response efforts which were not authorized to speak to the press said that the attack “looks and smells like ransomware.”
Ransomware is a type of malicious software that spreads across computer networks, encrypting files and demanding payment for a key to decrypt them. It’s become a common tactic for hackers, though attacks of this scale against medical facilities aren’t familiar. A patient died after a ransomware attack against a German hospital in early September required her to be moved to a different hospital, leading to speculation that it may be the first known death from ransomware.
Hackers seeking to deploy ransomware often wait until the weekend, when a company is likely not to have as many technical staff members present.
Two Universal Health Services nurses, who requested not to be named because they weren’t authorized by the company to speak with the media, said that the attack began over the weekend and had left the medical staff to work with pen and paper.
One of the nurses, who work in a facility in North Dakota, said that computers slowed and then eventually would not turn on in the early hours of Sunday morning. “As of this a.m., all the computers are down completely,” the nurse said.
Another registered nurse at a facility in Arizona who worked this weekend said: “the computer just started shutting down on its own.”
“Our medication system is all online, so that’s been difficult,” the Arizona nurse said.
While many patient charts at that facility are on paper, medication information is maintained online, though it’s backed up at the end of each day, the nurse said.
“We had those up to date as of the 26th,” the person said.
“Now we had to hand-label every medication,” the nurse said. “It’s all improv.”
Ransomware can devastate hospitals. In 2017, a ransomware strain called WannaCry, created by hackers working for the North Korean government spread across the world and infected the U.K.’s National Health System even though it wasn’t a direct target. The attack disrupted at least 80 medical facilities, though there were no publicly reported deaths associated with the incident.
Kenneth White, a computer security engineer with more than a decade of experience working with hospital networks, said that the delays caused by ransomware attacks could have dire consequences for patients.
“When nurses and physicians can’t access labs, radiology or cardiology reports, that can dramatically slow down treatment, and in extreme cases, force re-routing for critical care to other treatment centres,” he said. “When these systems go down, there is a genuine possibility that people can die.”
Also Read:
- Android 12 Will Make It Easier to Use Third-Party App Stores
- How to Download Instagram Profile Picture in Original Quality
- Baby Monitor and Smart Cameras are being HACKED by Burglars
- Feds Hit with Successful Cyber attack, Data Stolen
- Instagram App Bug Could’ve Given Hacker Remote Access to Your Phone
- Iranian Hacker Group Developed Android Malware to Steal 2FA SMS Codes
- Google is Planning to Test New 6GHz Network Across the US
- Samsung Launch next week Galaxy A21s start at Rs 16,999