Universal Health Systems was hit with a ransomware attach this week. Their servers began to fail over the weekend and Hospitals across the country completely lost access to their EHR systems. All 250 of their facilities in the US were affected.
The ransomware attack was a variant of RYUK ransomware. The infection was spread across the network by IoT (Internet of Things) devices. These devices can include connected IV pumps, connected alarm systems and other devices that are connected to the hospital network. In your home or office this may be internet enabled lights, thermostats, doorbells, and other devices you can control over the network. Even TV Devices such as Fire Sticks, Roku, and other devices are susceptible to an attack such as this.
As a result of this attack many facilities were forced to go to pen and paper for medical record keeping. In many locations the nursing staff did not have access to medication lists and had no way ok knowing which medications patients needed, how much to dose, or even who needed medications.
Earlier this year a German woman died as a direct result of a ransomware attack.
It appears that this was an opportunistic ransomware attack, the hospital system was not directly targeted, but the attackers sent out the virus to see what they would catch and in this case they caught a very big fish. This same attack could just as easily have hit your office and taken all your systems down. This type of attack is usually begun by a spam/phishing attack, something that happens to everybody on a regular basis and simply clicking on a bad link in an email can result in this type of infection.
Any computer system is only as secure as its weakest link. This is why we need to have strict policies on how we and our staff use our computers, what online services our staff is able to access and what security we have on our computers, networks, and connected devices.
If you have not completed an inventory of all connected devices, established proper use policies for your computer systems and provided security training to your staff, now is the time to implement these steps. Please review your HIPAA Security Risk Analysis and make sure all your staff have attended one of the TLD Systems HIPAA Security Training sessions.
The next training is scheduled for October 14 at 12 noon Eastern Time. For more details please call TLD Systems at (631) 403-6687.