The computer systems at one of the nation’s largest hospital chains, Universal Health Services Inc., were taken offline after a ransomware software attack crippled the company’s computers and led it to cancel surgeries and divert some ambulances.
Universal Health Services has more than 400 locations in its network, most of which are in the U.S. According to CNBC, the ransomware attack led hospitals in the system to file patient information with pen and paper, based on reports from multiple people familiar with the situation.
Ransomware is a type of malware that encrypts a victim’s files. The attacker can then demand ransom to restore the victim’s access to the data after payment completion. Ransomware attacks have become a common tactic for hackers, though attacks against medical facilities at this scale are not expected.
Ransomware attacks have become the most significant cyber threat facing corporations over the last few years, explained Charles Carmakal, a vice president of FireEye Inc.
“They are causing a lot of havoc to organizations,” said Carmakal.
Carmakal claims that often a ransomware attack is only the first phase of a multistage extortion attempt from cybercriminals. There is usually a threat to publish the stolen data if companies do not pay the ransom requested. Additionally, Carmakal notes that while healthcare providers are frequent targets, hospitals are not because taking those offline systems can pose life-threatening harm.
“Most people don’t want to kill other people in the process of making money. But there are some who just don’t care and it’s a means to an end,” said Carmakal.
According to The Wall Street Journal, the outage caused no harm to patients, and the company is investigating any reports of patients at risk. In an interview, Universal Health President Marc Miller said no patient or employee data appears to have been accessed.
“We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible. In the meantime, our facilities are using their established back-up processes, including offline documentation methods. Patient care continues to be delivered safely and effectively. No patient or employee data appears to have been accessed, copied or misused,” said a statement from Universal Health Services.
The company has already restored some of its networks. Universal Health Services backs up its pharmacy records every 24 hours and has already restored part of the online pharmacy network. Miller said that it is unclear how long it will take the company to recover from the attack entirely.
Ransomware and cyberattacks, in general, have caused concern over patient privacy and HIPPA violations. Under HIPAA, a malware attack that exposes patients’ personal health information could require hospitals to disclose the breach publicly. Under guidance issued by federal health officials, these breaches may constitute a HIPPA violation.
Attacks also raise concerns over the dependency of hospitals and health care providers on information technology. The years’ worth of technology investments and the expansion pf medical records on digital platforms make the medical industry increasingly vulnerable to malware attacks,