The healthcare system near me was hit with something similar to this about a year and some change ago, and I live in the middle of podunk nowhere. Wild stuff. At this point, it’s just...
The healthcare system near me was hit with something similar to this about a year and some change ago, and I live in the middle of podunk nowhere. Wild stuff.
At this point, it’s just irresponsible to not prioritize addressing this issue at all levels, but it also seems clear that everyone who can affect true change will be dragging their feet till something catastrophic happens to goad them onwards.
Yep. It costs money and takes time and no one will address it until it affects them. Network security has been a non cost at so many companies for so long that they're not going to shift until...
Yep. It costs money and takes time and no one will address it until it affects them. Network security has been a non cost at so many companies for so long that they're not going to shift until something drastic happens, and even then they'll likely half ass it.
Worth noting this article is from last week, not today. My mother took a friend to the hospital for a pre-surgery appointment last Wednesday and said it was pretty hectic since they couldn't...
Worth noting this article is from last week, not today. My mother took a friend to the hospital for a pre-surgery appointment last Wednesday and said it was pretty hectic since they couldn't access the electronic files. When the doctor sent her to get a scan, the technicians had to ask for her name, which type of scan she was there for, etc. because they couldn't check her file. I assume they typically ask that stuff anyway, but more to check details on the file are correct, rather than just point-blank not knowing anything.
Things at least seemed to have settled a bit by her surgery on Tuesday, but restoration seems to still be an ongoing process. You can check this page on Ascension's website to see regional updates. Most of them are fully operational but can't fill prescriptions at Ascension retail pharmacies, and warn about potential delays due to the transition to manual records.
Echoing everyone else here: hospitals really, really, REALLY need to put more effort into cyber security. It's one of the most genuinely critical pieces of infrastructure, and needs to be treated as such. This NEEDS to be priority number one right now for all hospitals. I wish that the corporate types who run hospital systems understood that investing in robust cyber security will save them money in the long run, but alas, they just don't get it until they're hit with ransomware attacks like this one.
Obviously ransomware threat actors are not ethical in any way. But it's disappointing to see them target services that benefit the public as much as healthcare providers. There's many other...
Obviously ransomware threat actors are not ethical in any way. But it's disappointing to see them target services that benefit the public as much as healthcare providers. There's many other industries/companies that would be a larger target and not cause direct harm.
Depending on the type of attack, they don't really "target", so much as cast a net and see what they hit. This was likely the case with the attack that brought down the medical system in Europe a...
Depending on the type of attack, they don't really "target", so much as cast a net and see what they hit. This was likely the case with the attack that brought down the medical system in Europe a few years ago.
...wait, when was this? I live in Germany and both see doctors and fill prescriptions regularly, and I don't remember any attack bringing our systems down within the past several years.
...wait, when was this? I live in Germany and both see doctors and fill prescriptions regularly, and I don't remember any attack bringing our systems down within the past several years.
A major US health care system said Thursday that it is diverting ambulances from “several” of its hospitals following a cyberattack this week.
The cyberattack on Ascension, a St. Louis-based nonprofit network that includes 140 hospitals in 19 states, is also disrupting access to electronic health records, some phone systems and “various systems utilized to order certain tests, procedures and medications,” Ascension said in a statement distributed Thursday evening.
The sprawling health care network, which also owns 40 senior living facilities, said that it would be using “downtime procedure for some time,” because of the cyberattack. Downtime procedures are typically when health providers revert to backup processes, including paper records, that allow them to care for patients when computers are down.
Four sources briefed on the investigation told CNN that Ascension suffered a ransomware attack, in which cybercriminals typically try to lock computers and steal data for extortion. Those sources said that the type of ransomware used in the hack is known as Black Basta, which hackers have used repeatedly to attack health care organizations in recent years. Black Basta, also the name of a broad criminal group that uses the ransomware, includes Russian-speakers, according to the Department of Health and Human Services.
On Friday, the Health Information Sharing and Analysis Center, a cyber threat sharing group for big health care providers worldwide, published an advisory warning that hackers using Black Basta ransomware have “recently accelerated attacks against the healthcare sector.”
That includes at least two health care organizations in Europe and the US that in the last month have “suffered severe operational disruptions” because of Black Basta ransomware,” the advisory said, without naming the health care organizations.
The healthcare system near me was hit with something similar to this about a year and some change ago, and I live in the middle of podunk nowhere. Wild stuff.
At this point, it’s just irresponsible to not prioritize addressing this issue at all levels, but it also seems clear that everyone who can affect true change will be dragging their feet till something catastrophic happens to goad them onwards.
Yep. It costs money and takes time and no one will address it until it affects them. Network security has been a non cost at so many companies for so long that they're not going to shift until something drastic happens, and even then they'll likely half ass it.
Worth noting this article is from last week, not today. My mother took a friend to the hospital for a pre-surgery appointment last Wednesday and said it was pretty hectic since they couldn't access the electronic files. When the doctor sent her to get a scan, the technicians had to ask for her name, which type of scan she was there for, etc. because they couldn't check her file. I assume they typically ask that stuff anyway, but more to check details on the file are correct, rather than just point-blank not knowing anything.
Things at least seemed to have settled a bit by her surgery on Tuesday, but restoration seems to still be an ongoing process. You can check this page on Ascension's website to see regional updates. Most of them are fully operational but can't fill prescriptions at Ascension retail pharmacies, and warn about potential delays due to the transition to manual records.
Echoing everyone else here: hospitals really, really, REALLY need to put more effort into cyber security. It's one of the most genuinely critical pieces of infrastructure, and needs to be treated as such. This NEEDS to be priority number one right now for all hospitals. I wish that the corporate types who run hospital systems understood that investing in robust cyber security will save them money in the long run, but alas, they just don't get it until they're hit with ransomware attacks like this one.
Obviously ransomware threat actors are not ethical in any way. But it's disappointing to see them target services that benefit the public as much as healthcare providers. There's many other industries/companies that would be a larger target and not cause direct harm.
Depending on the type of attack, they don't really "target", so much as cast a net and see what they hit. This was likely the case with the attack that brought down the medical system in Europe a few years ago.
...wait, when was this? I live in Germany and both see doctors and fill prescriptions regularly, and I don't remember any attack bringing our systems down within the past several years.
From the article: