Cyberattacks Like The One On DCH Are Increasingly Common
When cyber criminals attacked DCH Health System last week, they encrypted computer files and restricted access to medical systems. Brad Fisher, DCH spokesperson, says it had a big impact.
“When those things are not available, and the system is built on having those to deliver the care, it’s really difficult,” Fisher says.
In response to the attack, DCH stopped accepting all but the most critical new patients at its three hospitals located in Tuscaloosa, Northport and Fayette, and employees reverted to using paper charts and records.
After paying the hackers to obtain a decryption key over the weekend, hospital officials are now working to fully restore operations. Fisher says the attack was an eye opener.
“If you’re in a hospital, be afraid. Be very afraid,” Fisher says. “It’s not good. It’s not a good thing at all.”
Ransomware attacks are the most significant cyber threat to hospitals across the country, according to John Riggi, a 28-year veteran of the FBI and now senior advisor for cybersecurity and risk at the American Hospital Association.
“Ransomware has a direct impact to interrupt patient care delivery operations and potentially patient safety,” Riggi says.
He says nowadays, because hospitals are increasingly wireless, a ransomware attack can shut down everything from CPAP machines and blood pressure monitors to the entire emergency room.
In addition to ransomware, hospitals also face potential cyber threats that target sensitive patient information and medical data. Last week, UAB Hospital announced that protected health information for about 20,000 patients was exposed and possibly viewed by hackers, after a phishing attack in August. Officials say criminals were trying to re-direct employee payroll deposits.
Cybersecurity expert John Riggi says a hospital’s best defense is prevention. Since ransomware and other malware typically enter a system via an email attachment or a link, employee education is key. He adds that hospitals should keep offline backups and regularly address software vulnerabilities, though that can be a challenge.
“Because hospitals operate 24/7, they can’t shut down overnight to deploy patches in their systems, and the systems are tremendously complex,” Riggi says.
This year, he says, there has been a dramatic increase in targeted cyberattacks on hospitals and other organizations. But at the same time, there is a growing awareness of the issue. Riggi says hospitals across the country now consider it a top risk. It just so happens that October is Cyber Security Awareness Month.
Thousands evacuated in Canada as wildfires threaten air quality in parts of the U.S.
Air quality reached "unhealthy" levels in North Dakota and small swaths of Montana, Minnesota and South Dakota, according to the EPA.
Some of the U.S. could see the northern lights due to a geomagnetic storm
The National Oceanic and Atmospheric Administration's Space Weather Prediction Center says a severe geomagnetic storm is possible Sunday night.
Ukraine destroys more than 40 military aircraft in a drone attack deep inside Russia
The attack was disclosed on the same day as Zelenskyy said Ukraine will send a delegation to Istanbul for a new round of direct peace talks with Russia on Monday.
The women of No Sex for Fish are survivors — but their survival is precarious
A group of women in Kenya rebelled against trading sex for a fisherman's catch to sell. They got their own boats, had success — but in past years have faced floods and now fears about HIV medications.
Two dead and hundreds arrested in France after PSG win soccer Champions League
Hundreds of people were arrested in the celebrations, which were largely peaceful but degenerated into violence in some areas.
At least seven dead after two Russian bridges collapse
Russia's Investigative Committee, the country's top criminal investigation agency, said in a statement that explosions had caused the two bridges to collapse, but did not give further details.