Ascension, a prominent healthcare provider operating 140 hospitals across 19 states, recently fell victim to a cyberattack that severely impacted its operations. The attack targeted crucial systems such as electronic health records (EHRs), the MyChart platform for patient communication, and certain medication and test-ordering systems.
The organization publicly disclosed the cyberattack on May 8 and immediately initiated an investigation, collaborating with both internal and external advisors to address the situation swiftly while prioritizing patient safety amidst the disruption.
As reported by the Detroit Free Press, Ascension employees first noticed network irregularities on May 7, prompting a complete shutdown of the system to prevent further damage. Consequently, the healthcare provider has temporarily halted non-emergency medical procedures and appointments, with some hospitals redirecting emergency medical services. Patients have been advised to bring relevant medical information to appointments due to the system’s limitations.
In response to the incident, Ascension released a statement affirming their commitment to supporting their healthcare facilities in delivering safe patient care by following established downtime protocols and procedures during this challenging period. The organization anticipates utilizing downtime procedures for an unspecified duration as they work to resolve the cyberattack’s aftermath.
To aid in the investigation and recovery efforts, Ascension has enlisted the support of incident response specialists from Mandiant. However, the extent of potential patient data exposure remains unclear at this time.
In a separate note, the cyberattack on Ascension bears resemblance to a ransomware incident that unfolded in February involving United Healthcare’s Change Healthcare subsidiary. The attack triggered widespread disruptions across various hospitals and facilities, underscoring the vulnerability of healthcare organizations to targeted cyber threats.
Mark Manglicmot, a senior vice president at Arctic Wolf specializing in security services, emphasized the critical nature of cybersecurity within the healthcare sector. He highlighted how healthcare institutions house vast amounts of sensitive patient data and operate extensive networks of essential medical technology, making them prime targets for malicious actors.
Manglicmot further noted that ransomware demands in the healthcare industry can be exorbitant, reaching up to $450,000, as threat actors exploit the potential human impact of healthcare incidents to achieve their financial goals.
Kurt Osburn, a director at NCC Group, echoed these sentiments, emphasizing the intricate challenges healthcare organizations face in securing their vast information networks due to the sheer volume of potential vulnerabilities within hospital environments.
In light of these recurring cyber threats, experts recommend prioritizing patching external-facing vulnerabilities and implementing comprehensive security operations capabilities 24/7 to mitigate the risk of future attacks. Additionally, it is crucial for healthcare entities to enhance their cybersecurity measures and safeguard patient data privacy and security through proactive prevention, detection, and response strategies.
As healthcare providers navigate the evolving cybersecurity landscape, the imperative remains to remain vigilant and take proactive steps to safeguard the integrity of their systems and the well-being of their patients.