Recently, a hospital in Germany lost a patient, and the death was blamed in part due to ransomware. Earlier this week, the UHS Hospital network was also hit hard by a ransomware attack. UHS is a Fortune 500 company with operates more than 400 facilities in the United States, Puerto Rico, and the United Kingdom. They have approximately 90,000 employees and claimed an annual revenue of $11.4 billion for 2019. A big target for ransomware attackers!
“We implement extensive IT security protocols and are working diligently with our IT security partners to restore IT operations as quickly as possible,” UHS said in a public statement. “In the meantime, our facilities are using their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively.”
While the effect of the ransomware attack on patient care is unknown at this time, SecurityWeek.com has published some anonymous comments from reddit users who work for UHS, including an unconfirmed report of patients dying due to such delays. No deaths have been confirmed by UHS at this time.
Even though there have been no confirmed losses of patient data and no confirmed patient deaths, a breach of this size could have big patient impacts. INTERPOL Secretary General Jürgen Stock gave the following quote in April: “Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths. INTERPOL continues to stand by its member countries and provide any assistance necessary to ensure our vital health care systems remain untouched and the criminals targeting them held accountable.”
If you own a business, you know ransomware can ruin you financially. If you are in the healthcare sector, it’s not just about money or your business reputation, but literally a matter of life and death. To best protect yourself from ransomware, it is important to continue to invest in people and technology to help stop attacks. The basics of cyber awareness training, regular application of security updates and patches to systems, comprehensive backup policies and enabling multi-factor authentication (MFA) will help thwart ransomware. If you need help protecting your systems from ransomware, trust Uzado to help.