Cyberattacks Like The One On DCH Are Increasingly Common

DCH Health System

A ransomware attack on DCH Health System, based in Tuscaloosa, caused officials to divert all but the most critical patients from its three hospitals.

When cyber criminals attacked DCH Health System last week, they encrypted computer files and restricted access to medical systems. Brad Fisher, DCH spokesperson, says it had a big impact.

“When those things are not available, and the system is built on having those to deliver the care, it’s really difficult,” Fisher says.

In response to the attack, DCH stopped accepting all but the most critical new patients at its three hospitals located in Tuscaloosa, Northport and Fayette, and employees reverted to using paper charts and records.

After paying the hackers to obtain a decryption key over the weekend, hospital officials are now working to fully restore operations. Fisher says the attack was an eye opener.

“If you’re in a hospital, be afraid.  Be very afraid,” Fisher says. “It’s not good. It’s not a good thing at all.”

Ransomware attacks are the most significant cyber threat to hospitals across the country, according to John Riggi, a 28-year veteran of the FBI and now senior advisor for cybersecurity and risk at the American Hospital Association.

“Ransomware has a direct impact to interrupt patient care delivery operations and potentially patient safety,” Riggi says.

He says nowadays, because hospitals are increasingly wireless, a ransomware attack can shut down everything from CPAP machines and blood pressure monitors to the entire emergency room.

In addition to ransomware, hospitals also face potential cyber threats that target sensitive patient information and medical data. Last week, UAB Hospital announced that protected health information for about 20,000 patients was exposed and possibly viewed by hackers, after a phishing attack in August. Officials say criminals were trying to re-direct employee payroll deposits.

Cybersecurity expert John Riggi says a hospital’s best defense is prevention. Since ransomware and other malware typically enter a system via an email attachment or a link, employee education is key. He adds that hospitals should keep offline backups and regularly address software vulnerabilities, though that can be a challenge.

“Because hospitals operate 24/7, they can’t shut down overnight to deploy patches in their systems, and the systems are tremendously complex,” Riggi says.

This year, he says, there has been a dramatic increase in targeted cyberattacks on hospitals and other organizations. But at the same time, there is a growing awareness of the issue. Riggi says hospitals across the country now consider it a top risk.  It just so happens that October is Cyber Security Awareness Month.

More Front Page Coverage

Hack Exposes Vulnerability Of America’s Energy Supply Lines

Colonial Pipeline shut down its 5,500-mile pipeline on Friday after a ransomware attack. But this is not the first time the pipeline has been in the news. A 2016 gasoline spill in Shelby County showed what can go wrong with the energy supply.

Legislative Wrap-Up: Medical Marijuana And Yoga Bills Pass, Gambling Bill Stalls

A medical marijuana bill goes to the governor. Meanwhile a gambling bill looks unlikely to pass this session.

Alabama Legislature Drops Resistance, OKs Medical Marijuana

The bill faced strong resistance among House lawmakers.

WBHM Wins Four Regional Edward R. Murrow Awards

Public Radio WBHM 90.3 FM has won four regional Edward R. Murrow awards, including the award for Overall Excellence. WBHM also won awards in these categories: Continuing Coverage – The pandemic rages through Alabama, WBHM News Team Excellence in Sound – “Through The Intercom, Nursing Home Employee Sings To Residents” by Mary Scott Hodgin Hard […]

New Orleans’ Return To Cultural Parades Is A Step Toward Healing In The South

In April, Mardi Gras Indians held a funeral and parade for one of their own – one of a few large cultural events to occur since the pandemic started and most large events in the region were canceled.

Fentanyl Overdose Deaths Increase 100% In Jefferson County

The powerful synthetic opioid is now being mixed with drugs like cocaine and methamphetamine, leading to more overdose deaths.

More Front Page Coverage