US healthcare system latest target of cyber terrorism

In yet another indication of the scale and scope of the cyber risk threat, a recent cyber-attack has shut down emergency rooms in at US least three states.

Ardent Health, which oversees 30 hospitals in states across the US, including New Mexico, Texas and Oklahoma, said it had been targeted by a ransomware attack over the Thanksgiving holiday. The attack had shut down a significant number of its computerized services, the company said in a news release. 

“In an abundance of caution, our facilities are rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online,” Ardent Health’s release said.

Each of the affected Ardent hospital chains – Hillcrest HealthCare in Oklahoma, Lovelace Health in New Mexico, and UT Health in Texas – said that some of their emergency rooms were transferring patients to other hospitals.

The hospital operator said the cyber-attack has affected computer programs that track patients’ healthcare records, among others.

In its statement, Ardent said the ransomware attack had taken its network offline. The company said it reported the issue to law enforcement as well as retained third-party forensic and threat intelligence advisers.

“At this time, we cannot confirm the extent of any patient health or financial data that has been compromised,” Ardent said.

Ransomware attacks that disrupt healthcare providers’ operations are becoming increasingly common, with at least 35 in US this year, according to reports.

The targeting of hospitals – and demands for extortion payments – began in 2016, according to the cybersecurity firm Recorded Future.

In June, St Margaret’s Health in Spring Valley, Illinois, was forced to close, partly as a result of an attack.

Ardent, which started out running psychiatric hospitals, said that patient care continued to be delivered “safely and effectively in its hospitals, emergency rooms, and clinics”. But out of “an abundance of caution”, the company said, it was rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online.

“Ardent is still determining the full impact of this event and it is too soon to know how long this will take or what data may be involved in this incident,” the company added.

SHARE: