The UHS (Universal Health Services), a hospital and health care network that operates more than 400 facilities across the US, UK and Puerto Rico has been reported as another major casualty of a ransomware attack that crippled their operations since last Sunday morning. This has taken down their networks all over the US which had led to some patients to be re-routed to other emergency rooms and facilities. Appointments and test results are definitely delayed as a result of the attack.
This has led to their operation from being paperless to manual all-paper system. It has been reported that the ransomware that have infected their system has the makings of the Ryuk ransomware.
“Ryuk is typically used in so-called ‘big-game hunting’ attacks in which hackers attempt to extort large ransoms from corporate victims.”
UHS has approximately 90,000 employees who treats roughly 3.5 million patients per year making them one of the largest health care network in the US.
For the meantime, everything is being documented via paper documents due to the fact that their computers are completely shut down. Documentation is a nightmare. Emergency rooms are not too much affected compared to the patients that are already being treated in their respective rooms and departments. Health care providers are scrambling to get everything back in track to normalize operations.
They do have an backup process and offline documentation methods they are currently using to get back their operations and have their systems back online.
They would not confirm that it is a ransomware attack. The company’s statement did confirm that the “IT network across Universal Health Services facilities is currently offline, due to an IT security issue,” and that patient and employee data appear not to have been compromised in the attack.
Since 2010, large organizations have a target on their backs. However, the giant leap in technology for ransomware have doubled recently. Hospitals and healthcare are primary targets due to the fact that patient safety is of utmost importance which might force them to pay the ransomware developers.
In line with this, the Ashtabula County Medical Center in Ohio and Nebraska Medicine have both suffered ransomware attacks in recent days that caused system outages and threatened patient services.