Two hospitals in Ohio and West Virginia have been forced to turn away emergency patients after their computer systems were crippled in a ransomware attack over the weekend.

The hospitals — the Ohio Valley Medical Center in Wheeling, West Virginia, and East Ohio Regional Hospital in Martins Ferry, detected the ransomware attack on Nov. 23. It spread through their networks over the weekend.

The details of the form of ransomware were not known, but the attack caused system failures. The hospitals could not process incoming emergency patients, forcing them to divert those requiring medical treatment to other local hospitals.

According to local media, the hospitals said that their systems had redundant security and hence the attack was only able to get through the first layer but not the second layer. No patient information is believed to have been stolen.

Gijsbert Janssen van Doorn, technology evangelist at Zerto Ltd. told SiliconANGLE that organizations should remember that “without a data hostage, there is no ransom.”

“Prevention plans aren’t enough as attacks build in frequency and strength, causing irreparable harm to brand reputation and increasing risk,” van Doorn explained. “Instead, organizations need to invest and create more dynamic, modern approaches to business continuity and disaster recovery. Full IT resilience plans, including backup, disaster recovery and cloud mobility, are key to this and enable organizations to withstand both planned and unplanned disruptions.

Justin Des Lauriers, technical project manager at Exabeam Inc., said these cases once again show that ransomware attacks can have a much larger impact than temporarily denying access to systems in exchange for payment and that ransom amounts often pale in comparison to the collateral damage and downtime costs they cause.

“The ideal case would be to detect and stop ransomware before an infection occurs,” he said. Unfortunately, he added, the insidious software is almost always detected after the damage has already occurred.

“One way to thwart a ransomware infection—before it begins to encrypt your files—is by deploying user entity behavior analytics, which can detect the telltale behaviors associated with ransomware,” he added. “A behavior-based approach offers an ideal way to detect ransomware attacks. From the onset of its deployment, a behavior-based approach creates normal user behavior baselines, making it possible to track any deviations from the norm.”

Image: christiaancolen/Flickr