A large chain of hospitals has been hit by what appears to be one of the largest medical cyberattacks in US history.
Information systems for universal health services, which has more than 400 locations, mainly in the United States, started failing over the weekend and some hospitals had to resort to storing patient information with pen and paper, according to more people who are familiar with the situation.
Universal Health Services did not immediately respond to requests for comment, but posted a statement on its website that its corporate network “is currently offline, due to an IT security issue. A person familiar with the company̵
Ransomware is a type of malicious software that spreads across computer networks, encrypting files and requiring you to pay a key to decrypt them. It has become a common tactic for hackers, although attacks of this magnitude against medical facilities are not common. A patient died after a ransomware attack against a German hospital in early September required her to be transferred to another hospital, which has led to speculation that it may be the first known death from ransomware.
Hackers looking to distribute ransomware often wait until the weekend when a company is likely not to have that many technical staff in attendance.
Two Universal Health Services nurses, who asked not to be named because they weren’t authorized by the company to speak to the media, said the attack started over the weekend and left medical staff to work with pen and paper.
One of the nurses, who works at a facility in North Dakota, said computers slowed down and eventually just didn’t turn on early Sunday morning. “As of this morning, all of the computers are completely out of order,” the nurse said.
Another registered nurse at a facility in Arizona who worked this weekend said “the computer just started shutting down by itself.”
“Our drug system is all online, so it was difficult,” said the Arizona nurse.
While many of the patient records at that facility are on paper, medication information is kept online, although it is supported at the end of each day, the nurse said.
“We have updated them to 26,” the person said.
“Now we had to hand-tag each drug,” the nurse said. “It’s all improvised.”
Ransomware can wreak havoc on hospitals. In 2017, a ransomware strain called WannaCry, created by hackers working for the North Korean government, spread around the world and infected the UK’s national health system even though it wasn’t a direct target. The attack disrupted at least 80 medical facilities, although there were no publicly reported deaths associated with the incident.
Kenneth White, a cybersecurity engineer with more than a decade of experience working with hospital networks, said delays caused by ransomware attacks can have dire consequences for patients.
“When nurses and doctors cannot access labs, radiology or cardiology reports, this can dramatically slow down treatment and, in extreme cases, force redirection for critical care to other treatment centers,” he said. “When these systems go down, there is a very real possibility that people could die.”