US Hospitals Under Attack

( – Numerous hospitals and medical clinics’ computer systems across multiple states remain offline over two weeks following a cyberattack, leading to some emergency room closures and ambulance rerouting.

On Friday, Prospect Medical Holdings announced that while they are making progress in “recovering critical systems and restoring their integrity,” they are uncertain about when they will be fully operational. The healthcare firm manages 16 hospitals and numerous other medical facilities in California, Connecticut, Pennsylvania, Rhode Island, and Texas.

In a text communication, spokesperson Nina Kruse shared, “We do not yet have a definitive timeline for how long it will be before all of our systems are restored.” She also mentioned that a “forensic investigation is still underway,” and they are constantly collaborating with law enforcement agencies.

Following such cyber incidents, recovery typically spans weeks, requiring hospitals to return to manual paper systems. According to John Riggi from the American Hospital Association, human intervention is essential to oversee equipment, transport records across departments, and perform other electronic-dependent tasks during these times.

The cyber incident, disclosed on August 3, appeared to be a ransomware attack, although the officials haven’t confirmed this. In typical ransomware attacks, perpetrators access sensitive data, employ encryption software to incapacitate targeted networks, and then demand ransom payments.

John Riggi further noted that the FBI recommends against paying ransoms, emphasizing that it doesn’t guarantee the safety of the compromised data and may even encourage the criminals by funding their illicit activities.

Due to the cyber onslaught, there have been delays in elective surgeries, outpatient consultations, blood drives, and other services.

On Friday, Eastern Connecticut Health Network, which encompasses Rockville General and Manchester Memorial hospitals, alongside several clinics and primary care centers, was operating on an interim phone system.

Lauresha Xhihani, a spokesperson for Waterbury Hospital, informed the Republican-American newspaper that they have shifted to paper records since the cyber breach. However, they have resumed admitting trauma and stroke patients.

Nina Kruse emphasized the preparedness of their healthcare professionals, stating, “PMH physicians, nurses, and staff are trained to provide care when our electronic systems are not available. Delivering safe, quality care is our most important priority.”

In IBM’s latest annual report on data breaches, the healthcare sector emerged as the primary target for cyberattacks up to March this year. It faced the costliest breaches for the 13th consecutive year, with an average of $11 million per breach. The financial sector followed, averaging $5.9 million per breach.

John Riggi explained that healthcare providers frequently fall prey to cybercriminals because they hold sensitive patient data, ranging from medical histories and payment details to essential research data.