Cyberattacks Like The One On DCH Are Increasingly Common
When cyber criminals attacked DCH Health System last week, they encrypted computer files and restricted access to medical systems. Brad Fisher, DCH spokesperson, says it had a big impact.
“When those things are not available, and the system is built on having those to deliver the care, it’s really difficult,” Fisher says.
In response to the attack, DCH stopped accepting all but the most critical new patients at its three hospitals located in Tuscaloosa, Northport and Fayette, and employees reverted to using paper charts and records.
After paying the hackers to obtain a decryption key over the weekend, hospital officials are now working to fully restore operations. Fisher says the attack was an eye opener.
“If you’re in a hospital, be afraid. Be very afraid,” Fisher says. “It’s not good. It’s not a good thing at all.”
Ransomware attacks are the most significant cyber threat to hospitals across the country, according to John Riggi, a 28-year veteran of the FBI and now senior advisor for cybersecurity and risk at the American Hospital Association.
“Ransomware has a direct impact to interrupt patient care delivery operations and potentially patient safety,” Riggi says.
He says nowadays, because hospitals are increasingly wireless, a ransomware attack can shut down everything from CPAP machines and blood pressure monitors to the entire emergency room.
In addition to ransomware, hospitals also face potential cyber threats that target sensitive patient information and medical data. Last week, UAB Hospital announced that protected health information for about 20,000 patients was exposed and possibly viewed by hackers, after a phishing attack in August. Officials say criminals were trying to re-direct employee payroll deposits.
Cybersecurity expert John Riggi says a hospital’s best defense is prevention. Since ransomware and other malware typically enter a system via an email attachment or a link, employee education is key. He adds that hospitals should keep offline backups and regularly address software vulnerabilities, though that can be a challenge.
“Because hospitals operate 24/7, they can’t shut down overnight to deploy patches in their systems, and the systems are tremendously complex,” Riggi says.
This year, he says, there has been a dramatic increase in targeted cyberattacks on hospitals and other organizations. But at the same time, there is a growing awareness of the issue. Riggi says hospitals across the country now consider it a top risk. It just so happens that October is Cyber Security Awareness Month.
On ‘The Life of a Showgirl,’ Taylor Swift feels love’s glow and the spotlight’s glare
On her 12th album, the most dominant pop star of our era makes a spectacle of herself in full flower, in love and holding the music industry in the palm of her hand.
FDA approves another generic abortion pill, prompting outrage from conservatives
Drugmaker Evita Solutions announced on its website that the Food and Drug Administration signed off on its low-cost form of the pill, which is approved to end pregnancies through 10 weeks.
As the shutdown drags on, the threat of permanent cuts is mired in politics
President Trump is meeting with his budget director, Russ Vought, about what additional cuts to make during the shutdown, and the president says his targets are partisan.
Pope Leo’s religious community is drawing renewed interest. Here’s what makes it unique
"Before, we might get two or three discerners. But after Pope Leo, I now have 15. It's unbelievable."
The CDC still hasn’t issued COVID vaccine guidelines, leaving access in limbo
Access to the COVID-19 vaccines remains difficult because of an unusual and unexplained delay by the Centers for Disease Control and Prevention in accepting recommendations from its advisers.
National Guard presence may deter crime, but experts warn of the long-term costs
As President Trump ramps up efforts to send federal officers and troops into cities, criminologists are watching closely. Are the feds doing this in a smart way?