by Valerie Dimond
, Contributing Reporter | September 29, 2020
Healthcare giant Universal Health Services Inc., one of the largest health systems in the U.S., is facing serious fallout from a cyberattack that occurred early Sunday morning.
“While this matter may result in temporary disruptions to certain aspects of our clinical and financial operations, our acute care and behavioral health facilities are utilizing their established back-up processes, including offline documentation methods,” said UHS in a statement. “Patient care continues to be delivered safely and effectively.”
UHS, which cares for some 3.5 million patients annually at 400 healthcare facilities in the U.S. and U.K., says no evidence at this time indicates that any patient or employee data was accessed, copied or misused but that user access to its U.S.-based information technology applications have been suspended and clinicians have been forced to use ink and paper until further notice.
The hack is likely to have been perpetrated by Ryuk, an advanced ransomware threat that has targeted hospitals and other organizations over the last few years, reports TechCrunch
, which said a person at one of the hospital locations saw the computer screens change with text that referenced the “shadow universe,” consistent with the Ryuk ransomware. “Everyone was told to turn off all the computers and not to turn them on again,” the person said. “We were told it will be days before the computers are up again.”
Data breaches and hackings are increasing every year and have almost doubled
between 2018 and 2019. According to a Healthcare Data Breach Statistics study, 3,054 data breaches of medical records occurred between 2009 and 2019, and 230,954,151 U.S. medical records were lost, exposed or stolen in that time.
"Today there is no one security solution that will reliably stop every attempted attack, and so hospitals need to implement multiple layers of security to improve their cybersecurity postures," Ido Geffen, vice president of product at CyberMDX, told HCB News in response to the UHS breach. "Layering levels of security drastically raises the difficulty of executing a successful hack."
Cyberattacks have also led to patient deaths
, including an attack that occurred at Düsseldorf University Hospital earlier this month. After the hospital’s IT system was hacked and shut down, staff were unable to retrieve information on their patients. The ransomware attack encrypted 30 servers and led to system crashes that prevented the facility from accessing data, according to the hospital, which was forced to close its emergency department. Although one woman was transported to another hospital 20 miles away, she died.
“Organized criminal gangs and military units have replaced rogue, individual hackers as the primary perpetrators,” said John Riggi, senior advisor for Cybersecurity and Risk, at the American Hospital Association, in July. “Law enforcement efforts, although laudable, have not been able to stem the rising tide of these attacks on hospitals and other critical infrastructure. Consequently, policies and approaches to protecting against ransomware need to change at the hospital, national and international levels, similar to how the approach to fighting terrorism evolved after 9/11.”
UHS says it has “implemented extensive information technology security protocols and is working diligently with its security partners to restore its information technology operations as quickly as possible.”
Dr. Ann Childs, a clinician at UHS, said today in a late-morning tweet
: "I work for UHS one day a week. This started Sunday AM and they are still offline."