Despite there being 134 publicly reported ransomware incidents at healthcare organizations in 2021, up from 106 in 2020, such attacks are often not covered in the news, says Allan Liska, senior analyst, CSIRT at cybersecurity firm Recorded Future. “I've worked with a number of healthcare providers recently that have managed to stop a ransomware attack during the reconnaissance stage. Sharing this information helps other organizations better understand what they should be looking for and to develop better strategies for stopping ransomware."

An attack last April in Scripps Health in San Diego led to a four-week shutdown of the healthcare system’s computer systems. More than 147,000 patients, staff and physicians may have had their personal and financial information compromised.


In addition, the impact led patients to seek help from two other large academic emergency departments, which, in turn, became overcrowded with the number of people seeking help from their providers. The two EDs saw average daily emergency medical services arrivals rise by nearly 60% year-to-year during the first week of the attack.

While prevalent, hospitals do not often discuss how quick thinking and preemptive actions can help to contain an attack, as in Hussey’s case. And while some may be upset that not all computer systems at Jackson Hospital are fully up and functional once more, Hussey says, “it’s better to be down a day than be down a month. Lock it down and piss people off. It's what you have to do just to secure your network."

The hospital is working with the FBI, which investigates hacking incidents, and Aon, a cybersecurity consultancy, to determine the extent of the attack and if any data was stolen.

Back to HCB News

Health IT Homepage