Last week the College of Nurses in Ontario was hit by a ransomware cyberattack that threatened to compromise personal data and sensitive information from patients and employees alike. Now, an even more significant attack on a health organization has taken place across the border in the US.
Last night unknown bad actors carried out a massive cyberattack on UHS hospitals across the United States.
All UHS hospitals nationwide in the US have been hit, and the repercussions have been severe. All UHS hospitals have no access to phones, computer systems, the internet, or the data center, leaving them vulnerable and unable to function even on a very basic level.
So far, it is claimed that there have been four deaths directly attributable to this attack, due to a lack of patient information or an inability to communicate effectively.
Four hundred facilities were hit, with over 90,000 employees restricted from carrying out their tasks properly. UHS hospitals attend over 3.5 million patients a year, making this attack both devastating and genuinely tragic.
UHS is a Fortune 500 corporation with annual revenues of $11.4 billion in 2019, and it is 330th on Forbes’ ranking of US largest public companies.
Cyberattacks on health facilities are not as unusual as you might think. The combination of often lower levels of cybersecurity and awareness with the urgent nature of the services can make them an attractive target to cybercriminals, hackers, and malicious actors. As well as the above example in Canada, a hospital in Germany was targeted last week, resulting in a fatality.
UHS hospitals are currently redirecting ambulances and sending any patients with urgent needs (particularly those in need of surgery) to other nearby hospitals.
Following the attack, staff were advised to shut down all hospital systems in an attempt to prevent the hack from spreading across the network.
UHS has yet to make an official statement, but reports indicate that it is likely to have been a ransomware attack, started overnight to avoid immediate detection, and accessing and encrypting as many systems and devices as possible before measures could be taken to stop it.
Further information indicates that it is most likely to be the Ryuk ransomware. With these attacks, malware is used to steal sensitive information from the system and then gain access, giving the hackers manual access and admin credentials, and allowing them to encrypt devices and potentially harvest patient and employee data.
Reporting is scarce on this, and the story is developing, but what it shows for sure is how cyberattacks can have potentially devastating, even fatal consequences in the real world. Staying safe and protecting yourself and your business online has never been more important, and should be a priority for everyone.