Source – The Guardian
A significant blow struck the heart of the US health care system as Ascension, a prominent nonprofit health care network based in St. Louis, announced on Thursday its diversion of ambulances from “several” of its hospitals in the wake of a debilitating cyberattack earlier in the week. The attack has inflicted widespread disruption, hampering access to electronic health records, impeding certain phone systems, and crippling systems crucial for ordering tests, procedures, and medications.
Ascension, which oversees 140 hospitals across 19 states and owns 40 senior living facilities, disclosed that it would resort to implementing “downtime procedures” for an extended period due to the cyber incident. Such procedures involve reverting to backup processes, including paper records, to ensure continued patient care amidst computer system failures.
Response and Fallout from the Cyberattack
The news of the cyberattack surfaced on Wednesday, triggering a series of responses aimed at containment and recovery. Ascension promptly activated a familiar protocol adopted by many US organizations besieged by cyber threats: notifying federal authorities, enlisting the expertise of leading cybersecurity firm Mandiant, and executing system shutdowns to mitigate further damage.
In a statement released on Thursday evening, Ascension affirmed its commitment to supporting its healthcare facilities in maintaining safe patient care through established downtime protocols, underlining the training provided to its workforce in managing such crises. However, the extent of the diversion of ambulances across Ascension hospitals remains unclear, as the network’s spokesperson declined immediate comment on the matter.
Persistent Vulnerability of US Health Care Systems
The cyberattack on Ascension adds to a distressing trend of major hacking incidents targeting US health care networks, eliciting urgent concerns from government officials and industry leaders alike. Just months prior, a ransomware attack on Change Healthcare, a subsidiary of UnitedHealth Group, triggered widespread billing disruptions at pharmacies nationwide, with UnitedHealth CEO Andrew Witty estimating that a third of Americans had their personal data compromised in the breach.
The severity of the attack led UnitedHealth to pay a staggering $22 million ransom to safeguard patient data. Such incidents have fueled mounting apprehension within the federal government regarding the susceptibility of America’s health care infrastructure to disruptive cyber threats with far-reaching consequences, casting doubts on the sector’s resilience in the face of escalating cyber warfare.
As the healthcare industry grapples with the aftermath of successive cyber assaults, the imperative for robust cybersecurity measures and comprehensive strategies to fortify the nation’s health care networks against evolving cyber threats becomes increasingly urgent.
Also read: Alleged Cyberattack On UnitedHealth Group Exposes Massive Data Breach