In the aftermath of a ransomware attack on U.S. hospital chain Ascension, patients are still facing disruptions in emergency care and prescription services across various regions. Ascension, which operates 140 hospitals and 40 senior care facilities in 19 states plus the District of Columbia, is working tirelessly to restore its IT systems, including electronic health records and pharmacy operations.

While some regions are experiencing severe IT disruptions, others are functioning with limitations. Ascension has confirmed that several hospitals are unable to accept emergency patients, leading to the diversion of ER cases to other healthcare facilities. In addition, elective procedures, tests, and appointments have been temporarily paused as the chain continues to restore its systems. The reliance on manual processes for medication dispensing, medical record inputting, and patient communication underscores the challenges faced by Ascension in the wake of the cyberattack.

As Ascension navigates the complex process of IT recovery, the timeline for full restoration remains uncertain. The hospital chain is also investigating the extent of the breach and whether personal health information was compromised. The attack has prompted at least two federal class action lawsuits from patients concerned about the security of their data and the potential for identity theft crimes.

According to sources familiar with the investigation, the ransomware group behind the attack is believed to be Black Basta, a Russian-speaking cybercriminal organization known for its malicious activities targeting the healthcare sector. In response to the threat posed by Black Basta, multiple U.S. government agencies and industry groups have issued advisories warning healthcare organizations to enhance their cybersecurity defenses.

The varying impact of the cyberattack on Ascension’s operations is evident across different regions. In Maryland, retail pharmacies are operating on a cash basis, while certain pharmacies in Oklahoma are not operational at all. Patients in Wisconsin are unable to fill prescriptions at any Ascension pharmacy, highlighting the extent of the disruption caused by the ransomware attack.

Experts have pointed out that the disparate impact on Ascension facilities could be attributed to the complex nature of healthcare IT systems. With operations running on different networks and varying levels of integration due to mergers and acquisitions, healthcare organizations face challenges in ensuring a cohesive response to cyber threats. The segmentation of networks by region or function can help limit the impact of cyberattacks and prevent unauthorized access to sensitive data.

As Ascension continues to address the fallout from the cyberattack, the healthcare industry as a whole is urged to bolster its cybersecurity measures to protect patient information and ensure continuity of care. The incident serves as a stark reminder of the evolving threat landscape facing healthcare organizations and the need for proactive security strategies to safeguard against ransomware and other cyber threats.

Source link