Cyberattack Slams Hospitals, Ambulances, and Health Care Facilities in Several States
There have been over 150 cyberattacks on hospitals this year.
Cyberattacks slammed the computer systems of a California-based health care provider, causing emergency rooms in multiple states to close and ambulance services to be redirected.
The ransomware attack happened at Prospect Medical Holdings of Los Angeles, which has hospitals and clinics in Connecticut, Pennsylvania, Rhode Island and Texas. Prospect Medical is working on resolving the issue, the company said in a statement Friday.
“Prospect Medical Holdings, Inc. recently experienced a data security incident that has disrupted our operations,” the company said in a statement. “Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists. While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”
Officials with the Pennsylvania Association of Staff Nurses and Allied Professionals, the nurses union at Crozer-Chester Medical System in Springfield, say the hospital has reverted to a paper system because most of the computers are offline, CBS News reported. The computers are unlikely to be back online until next week, according to the labor group.
Many of Prospect Medical Holdings’ facilities remained closed on Friday while cybersecurity experts worked to evaluate the situation. Meanwhile, the institutions were going to go back to the old-fashioned ways of medical record keeping.
John Riggi, the American Hospital Association’s national advisory for cybersecurity and risk, said the recovery process can often take weeks, with hospitals in the meantime reverting to paper systems and humans to do things such as monitor equipment and run records between departments.
“These are threat-to-life crimes, which risk not only the safety of the patients within the hospital, but also risk the safety of the entire community that depends on the availability of that emergency department to be there,” Riggi said.
The Federal Bureau of Investigation is taking a break from its harassment of J6-participants, ignoring of Hunter Biden’s antics, and the targeting of President Donald J. Trump to investigate.
“The New Haven Field Office of the FBI is involved in an ongoing cyber ransomware investigation of some local medical facilities,” according to Special Agent Robert Fuller. “We are working closely with law enforcement partners and the victim entities to address the issues. At this time there is no further information we can share as this is an ongoing investigation. If and when information can be shared we will do so.”
There have been over 150 cyberattacks on hospitals this year. I am not hopeful that the pace will slow down anytime soon.
The Prospect hack is the 157th cyberattack on a U.S. health care organization this year, said Allan Liska, a ransomware analyst at the cybersecurity firm Recorded Future. Liska said it is also the largest since October 2021, when a ransomware attack prompted CommonSpirit Health, a chain of more than 140 hospitals, to temporarily halt computer operations across the country.
Radiology, diagnostic, and heart health facilities were impacted in the latest attack. Let’s hope the delay in treatment doesn’t lead to someone’s death or other serious health consequence.
DONATE
Donations tax deductible
to the full extent allowed by law.
Comments
Maybe it is a gender affirming virus, butchering the code…
All code is binary! Can’t be allowed!
Looking for soft spots. This is just the beginning.
So, people in the know: Is it even possible to keep data secure if it is connected to the internet?
More secure than this.
Simplest step an organization can do is require emails to open in text only.
And use an email provider that has a good filter. And don’t open anything that goes to junk.
Every year we get the same training about opening emails. Every year somebody compromises the network by being dumb with emails.
That, or, they justHAD to see if the Wet Paint sign meant what it says.
So, people in the know: Is it even possible to keep data secure if it is connected to the internet?
No. The only computer and data that is secure is if you have disconnected from the internet, unplugged the computer, and put it in the back of the closet preferably with a sign stating, “Beware of the Leopard” on the door. And then it might be secure. That is until someone steals your computer and hacks your simple password and gets the data anyway.
Nothing is secure. And if someone tells you otherwise they are lying.
Simple answer, is No.
I had a Microsoft Systems Engineer (a big deal back then) and a Vice President of Cyber Security for a major corporation in the late 90’s or early 2000’s tell me in no uncertain terms that the only “safe” computer to store your information was one that had no outside connection of any kind. His rather crass way of putting it; “Just like pregnancy the only 100% way is to make sure the dongle never enters the port.”
For years, I worked for a company that made computers that continued to run (and run correctly) despite occurrences of hardware failures and component errors, and could even be repaired on the fly without shutting down. We expected that healthcare would be one of our prime markets (after all, the trade lingo for the market was literally “heartbeat applications”).
We were wrong. Healthcare exhibited no significant interest. Our biggest clients turned out to be financial firms (exchanges, traders, credit card companies), followed by communications (phone companies and early ISPs like AOL).
Our Los Angeles salesman, a wit whose sales pitches resembled talented stand=up comedy, used to explain our involuntary market shift as follows: “It’s because your life ain’t worth shit, but your money… now that’s important!”
An example of which I had the past couple of weeks. I noticed that my work PC was running horribly slowly. When IT came to check it I found out that my PC was almost 9 and a half years old and our policy is that no PC should be more than 5 years old, so that PC should have been replaced once and be looking at being replaced again.
It might be a cyberattack on everybody and turns up in a certain number of hospitals.
It could be just one of a whole list of infrastructure attacks. We know our power grid, for example, has been attacked.
What if it’s the result of a broken heart? Does this particular victim have a history of medical malpractice with respect to COVID patients? Grandparents? People who have not had those experimental shots? Is somebody looking for evidence?
Question: why attack hospitals? money?
Even Geneva Conv. proscribes such attacks, considering them a “War Crime.”
The Feneva rules are for those willing to respect them. Like gun control.
Money.
Think about it.
What institutions have more information on an individual? There is everything from Financial info right down to eating habits and sexual proclivities.
If a good con got ahold of your records from a hospital they would have everything they need to just step into your life and do a very convincing job.
Another psy-op to spread fear in the vulnerable. People who still believe in allopathic medicine will be shaking in their boots when the next plandemic hits.
Part of the problem is that whatever ‘best practices’ are to defend against cyberattacks, some organizations won’t implement them. I suppose it’s human nature but some IT shops just can’t seem to get it done. Local and regional hospitals may not have the best IT shops and the knowledge base so they’ll be especially vulnerable.
Likely ransomware with a side of ID theft.
An accurate assessment, in my eyes.
The ransomware gets you the first money fast. Later on, you can sift through any data you happened to capture incidentally, to find valuable nuggets..
Been working healthcare fraud for over 20 years. Pandemic opened a Pandora’s box of compromised ID’s to the tune of hundreds of millions of dollars lost. BTW, AI has now entered the equation as well.
Why exactly? What emergency room procedure requires a computer much less internet access? Why aren’t they capable of pulling the plug on the computers and actually treating patients?
Whoever designed such a system needs to go watch M*A*S*H* reruns.
The steam plant and (I think) the chilled water plants at UAB are on their own systems and not on the internet. This forces the occasional manual transcription of information between the systems but insulates critical hospital and campus plant operations infrastructure from intrusion. Anyone who willfully or negligently establishes an internet connection to the isolated systems is terminated and possibly prosecuted. Yeah, they’re serious about environmental control. This is a very large STEM, healthcare, and research institution. Plant ops is doing all it can. Too bad the general IT departments don’t do something better.
Maybe Alabama isn’t so backward after all.
.