After a cyberattack this week, the largest healthcare system in the United States is diverting ambulances to “several” of its hospitals, the company said Thursday. In a statement released Thursday evening by Ascension Hospital, a nonprofit network based in St. Louis with 140 hospitals across 19 states, it was also reported that electronic health records, some phone systems, as well as several systems used to order certain tests, procedures and medications, have all been disrupted by the cyberattack.
In response to the cyberattack, the sprawling healthcare network, which also owns 40 senior living facilities, announced that it would be utilizing “downtime procedures for some time” in the coming days. When computers fail, healthcare providers usually resort to backup procedures to enable them to care for patients, such as paper records.
Ascension Health System operates in 19 states across the U.S. and has been forced to divert ambulances from some of its 140 hospitals due to a cyberattack.
As a result, patients' medical tests have been postponed, and the system has been blocked online. On Wednesday, Ascension's computer network systems showed “unusual activity.” This was a message sent to the Ascension team. There was no word from the Catholic health system in St. Louis regarding whether it had been hit by ransomware or if it had paid the ransom.
An email seeking updates did not come from the health system, nor did it respond to any inquiries immediately. Ascension says that it had called in Mandiant, the Google cybersecurity unit which has a reputation for responding quickly to ransomware attacks, and the attack had the hallmarks of ransomware.
In February of this year, Change Healthcare was the victim of a cyberattack that disrupted care networks across the country and the CEO of its parent company, UnitedHealth Group Inc., admitted in a congressional hearing that the company had paid a ransom of $22 million in bitcoin in return for the system continuing to operate. In an email to its patients and caregivers, Ascension said its electronic medical records system as well as MyChart, a web-based application that allows patients to access their medical records and communicate with their doctors, are offline.
It has been reported by four sources briefed on the investigation that Ascension suffered a ransomware attack, which is a type of computer attack that cybercriminals usually use to lock computers and steal data to demand extortion. There have been reports that the type of ransomware used in the hack is called Black Basta, which has been used repeatedly in recent years by hackers to attack healthcare organizations due to its usefulness as a crypto locker.
As reported by the Department of Health and Human Services, a criminal group known as Black Basta has been accused of using ransomware to extort money from Russian speakers.
As discussed in a previous post, the Health Information Sharing and Analysis Center, a group of healthcare providers globally that shares cyber threat information through advisory publications, issued an alert last Friday warning that hackers had recently accelerated attacks against the healthcare sector with Black Basta ransomware.
According to the advisory, at least two US and European healthcare organizations have "suffered severe operational disruptions" due to the Black Basta ransomware in recent months. The advisory warned that the organizations had not been identified to prevent the spreading of the malware.
There was news on Wednesday that Ascension Corporation was hacked, Ascension has often been a victim of cyberattacks, as many American organizations have followed a familiar playbook over the last 24 hours. There has been a successful response from Ascension to the incident.
The company notified federal authorities and hired a leading US cybersecurity firm, Mandiant, to recover from the incident and shut down all systems in an attempt to control the situation.
There have been repeated contacts between senior US officials and Ascension CEO Joseph Impicciche in the period since the ransomware attack to figure out how the attack might impact the care of patients, according to CNN.
A business partner in Ascension advised that while their connection to the Ascension system is temporarily suspended, their relationship will resume.
Ascension's spokesperson on Thursday confirmed that there had been no interruptions in patient care services in Illinois hospitals during Thursday's maintenance, but IT services experienced some interruptions during the day.
It is a leading nonprofit healthcare system offering a wide range of high-quality healthcare services.
In the wake of the ransomware attack that took place on Change Healthcare, a subsidiary of UnitedHealth Group, sensitive patient data has been compromised and billing problems have emerged across the country for pharmacies, hospitals, and practices, threatening the existence of some healthcare providers.
A high-profile cyberattack was also reported in January at Lurie Children's Hospital in Chicago, causing a huge amount of damage. The hospital found itself compelled to disengage its telecommunication, email, and supplementary systems in response, thereby instigating weeks of disruption to customary operations.
In recent years, healthcare providers throughout the United States have grappled with a notable surge in ransomware assaults. As per the findings of threat intelligence entity Cyble, a total of 105 ransomware attacks have targeted the healthcare sector globally since February 1, with 77 incidents occurring within the United States alone.
In a recent interview with CBS News, Health and Human Services Secretary Xavier Becerra articulated concerns regarding the nationwide amalgamation of healthcare networks, emphasizing the potential repercussions of such consolidation on competitive dynamics. He underscored the risk posed by the over-concentration of healthcare resources, stating, "Consolidation occurs to such an extent that there are only a few players and when one or two of those big players go down, so goes the industry. We can't afford to have that."
Ascension has refrained from disclosing whether the cyberattack it endured constituted a ransomware incident.
