In multiple US states, emergency hospital operations encountered disruption due to a recent cyberattack, causing considerable challenges for both medical professionals and patients.
According to CNN, all of the affected hospitals are in New Jersey, New Mexico, and Oklahoma and are owned, or partly owned, by Ardent Health Services, a Tennessee-based company that owns more than two dozen hospitals in at least five states.
The company revealed in a press release that the attack had shut down a significant number of its computerised services.
“In an abundance of caution, our facilities are rescheduling some non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online,” Ardent Health’s release said.
It informed that the attack had taken its network offline. The company was coordinating with law enforcement agencies as well as third-party forensic and threat intelligence advisors.
“At this time, we cannot confirm the extent of any patient health or financial data that has been compromised,” Ardent said.
According to the USA’s Federal Bureau of Investigation (FBI), such cyber attacks generally take place during holidays as fewer security staff are on duty. It also advises victims of ransomware attacks to not agree to ransom demands.
“We need victims not to pay the ransom because that’s the gasoline that’s pouring on the fire,” the FBI director, Christopher Wray, said in February this year. “The more people pay, the price goes up and the more victims there are. So we have a shared common interest in not having the ransoms get paid.”
Hospitals became targets for extortion payments in 2016, with at least 300 documented attacks annually on healthcare facilities since 2020, as reported by cybersecurity firm Recorded Future and ransomware analyst Allan Liska.
In June, St Margaret’s Health in Spring Valley, Illinois, had to close due in part to a cyberattack. Ardent is considered the largest health operator affected thus far. Though no patient deaths have been directly linked to attacks, studies suggest a correlation between ransomware incidents in hospitals and higher mortality rates, as noted by NBC.