Hospitals guard against cyberattack

Published 3:22 pm Thursday, November 5, 2020

Hospitals in the U.S. have to remain vigilant as they have been the target of a coordinated attack from cybercriminals.

The Washington Post reported Thursday, Oct. 29, that U.S. hospitals already stressed by the coronavirus pandemic have become the target of Russian-speaking cybercriminals, who, in recent days, have launched a coordinated attack with ransomware that analysts worry could lead to fatalities.

The Post’s report by Ellen Nakashima and Jay Greene stated that in the space of 24 hours on Monday, Oct. 26, six hospitals from California to New York had been hit by the Ryuk ransomware, which encrypts data on computer systems, forcing the hospitals in some cases to disrupt patient care and cancel noncritical surgeries, analysts said.

Email newsletter signup

The criminals have demanded a ransom ranging upward of $1 million to unlock the system, and some hospitals have paid, they said.

On Tuesday, the FBI, the Department of Homeland Security and the Department of Health and Human Services issued a joint advisory alerting health care providers to the threat, The Post article added.

In their story, Nakashima and Green quoted Charles Carmakal, chief technology officer for Mandiant, a cybersecurity firm, which has helped some of the hospitals affected try to recover their data.

“The events unfolding right now have the potential to cause the loss of life, potentially across multiple hospitals,” Carmakal said.

The Post article highlighted Alex Holden, chief information security officer and president of Milwaukee-based Hold Security, who said the cybercriminals have been discussing their intent to target hundreds of U.S. health care organizations.

Centra Vice President and Chief Information Officer Eileen Clark spoke to the security efforts taking place within the Centra network of hospitals, which includes Centra Southside Community Hospital in Farmville.

“We are doing everything to keep our patients, caregivers and community safe, including adhering to a cybersecurity framework,” she said. “We have several systems in place, for example our email blocking system is working well. We block 85% of email traffic, which are inappropriate emails attempting to enter our system. This is consistent within the industry. Cybersecurity is a continuous process improvement journey — we must always remain vigilant.”

Allan Liska, intelligence analyst at the cyberfirm Recorded Future, stated in The Post report that though criminals have been deploying ransomware against hospitals since the beginning of the pandemic, having one group hit six separate hospital organizations in 24 hours is a step up in tactics.

“If they can do this to six hospitals, there’s no reason they can’t do this to a dozen,” he said in the article. “That means that patient care could be seriously impacted and people could die from something like that.”