University Health Systems, a large hospital chain with over 400 hospitals in the US and UK was hacked over this past weekend. The massive disruption caused many systems to be knocked out of commission forcing many cancellations. It also caused the move of patients who were unable to log any of their electronics into their systems, including patients, sign-ins and laboratory reports for several days.
The cause of the breach was the Ryuk ransomware. Someone had inadvertently opened an infected file and the virus began to spread through the servers all over the world. The reason why their antivirus and firewalls did not work was because the Ryuk virus intentionally disables the anti-virus as it spreads through the system. The damage was extensive according to one user on Reddit. The employee said patients were sent away as part of EMS diversion. "We have no access to anything computer based including old labs, EKGs, or radiology studies. We have no access to our PACS radiology system. No patients died tonight in our ED but I can surely see how this could happen in large centers due to delay in patient care," the Reddit user said.”[1] There were many comparisons to the Wannacry virus, a 2018 ransomware that among other victims, brought down the National Health Service for a significant amount of time.
Healthcare is still a valuable target for hackers, being able to shut them down for days. Use this as a warning to check your cyber security and review the protocols involving it.
[1] https://www.fiercehealthcare.com/tech/uhs-hit-massive-cyber-attack-as-hospitals-divert-surgeries-ambulances
