SECURITY
SECURITY
SECURITY
Ransomware attack knocks out systems at Ohio and W. Virginia healthcare provider
The Memorial Health System, a healthcare provider in Ohio and West Virginia, has been struck by a ransomware attack that knocked systems offline and forced hospital staff to use paper charts.
The ransomware attack, detected on Aug. 15, was described by Memorial as an information technology security incident. As a result, user access to IT applications was suspended and temporary disruptions to aspects of clinical applications occurred.
Further, the hospital was forced to cancel all urgent surgical cases and radiology exams on Monday. Primary care appointments went ahead as scheduled.
Along with informing federal law enforcement, Memorial said it’s working with security partners to restore information as quickly as possible. Memorial claimed that there’s no known patient or employee personal or financial information believed to have been compromised.
That last statement turns out to be premature. The attack is believed to have involved the Hive ransomware gang. Hive is known to be a “double-tap” ransomware gang in which they both encrypt and steal data from victims.
Bleeping Computer reported Monday that it has seen evidence that the attackers, in this case, have stolen databases with information belonging to 200,000 patients. That data includes sensitive details such as Social Security numbers, names and dates of birth. The gang also operates a dark web page where it publishes links to stolen data when a ransom is not paid.
“The healthcare industry is one of the largest targets for cybercriminals due to protected health information being extremely profitable on dark web marketplaces because it usually contains fixed information, which hackers can use to commit identity theft for years to come,” Stephan Chenette, co-founder and chief technology officer at security optimization platform provider AttackIQ Inc., told SiliconANGLE. “Additionally, Memorial Health System is a nonprofit organization, which makes it an even more attractive target for cybercriminals because nonprofits are often viewed as having lower defensive maturity and limited cybersecurity expertise.”
Anurag Kahol, co-founder and CTO of cloud access security broker Bitglass Inc., noted that the attack places 200,000 patients at risk of identity theft and fraud.
“To counter ransomware attacks, healthcare organizations must take a proactive approach to security,” Kahol said. “A Zero Trust framework ensures that only authorized users are granted access to their networks and monitors for suspicious activity and potential threats.”
Photo: Memorial Health System
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
