Hospital running on pen and paper after being hit with ransomware attack

By midian182 · 25 replies
Jan 15, 2018
Post New Reply
  1. Another US hospital has become the victim of a ransomware attack. An “unknown party” managed to infect the systems of Hancock Regional Hospital in the state of Indiana last week, demanding an unspecified number of Bitcoins to release the unlock key.

    When the attack took place on January 11 it affected the medical center’s email, electronic health records, and other internal operating systems. The hospital stresses that no patient records were removed from its network and patient care has not been significantly impacted.

    The institution shut down some systems to prevent further infection and contacted the Federal Bureau of investigation and a national IT security company. As of Saturday morning, these systems were still down, and it continued to use pen and paper to keep patients’ medical charts updated.

    Some previous cases of ransomware made their way onto hospital systems via employees opening malicious email or website links, but Steve Long, CEO of Hancock Health hospital, said that wasn’t the case in this instance.

    “This was not a 15-year-old kid sitting in his mother’s basement,” Long told the Daily Reporter. He added that the financial demands had not been met, and that the FBI is familiar with this type of sophisticated attack.

    “We, like other hospitals, do disaster drills all the time, so this aligns perfectly well with drills that we've had throughout the years on how to continue to deliver world-class care when you have system failures or system breaches,” Rob Matt, the hospital’s strategy officer, told The Indianapolis Star.

    Last year saw Kansas Heart Hospital and the Hollywood Presbyterian Medical Center hit by ransomware attacks. It’s likely that the unknown computer virus that infected hospital chain Medstar was also a form of ransomware.

    Permalink to story.

     
  2. EClyde

    EClyde TS Evangelist Posts: 1,481   +522

    Pen and paper saves time
     
  3. wiyosaya

    wiyosaya TS Evangelist Posts: 2,748   +1,312

    And may also increase the chances for medical errors.
     
  4. gusticles41

    gusticles41 TS Guru Posts: 279   +277

    I mean...you don't really know that. It easily could have been.

    They do disaster drills all the time, yet are still down 3 days later?
     
  5. EClyde

    EClyde TS Evangelist Posts: 1,481   +522

    Nope.
     
  6. thedrelle

    thedrelle TS Enthusiast Posts: 64   +12

    This is a ransomware attack, not just a down computer or server. The drills are not to speed up fixing the problem, but to ensure safe and continuous service.
     
    Reehahs and Tanstar like this.
  7. cliffordcooley

    cliffordcooley TS Guardian Fighter Posts: 10,295   +4,201

    That's right! Replace all that medical equipment that is vulnerable to attack with "pen and paper".
     
    Reehahs and wiyosaya like this.
  8. Kotters

    Kotters TS Maniac Posts: 321   +220

    Until you need to search for information or store records.

    Source: I work for an FFL.
     
    wiyosaya likes this.
  9. Kenrick

    Kenrick TS Evangelist Posts: 630   +403

    You've got to be the lowest of all people and no conscience to do this to hospitals. The hospital are for the sick and doing this willdelay them the proper services they need. Spare them with your greed.
     
  10. alabama man

    alabama man TS Guru Posts: 480   +297

    At least here it would as most doctors don't speak the native language. And it's not like the patients could learn one new language to understand them as they come from all over poor world. All native doctors are on private sector. But as they hire exclusively bad doctors to drive down public heath care on purpose some errors would be a nice bonus.
     
  11. wiyosaya

    wiyosaya TS Evangelist Posts: 2,748   +1,312

    A simple assumption? Based on what? Your knowledge of 1). Medical errors. 2). How difficult it is to keep paper records? 3). Direct knowledge of electronic medical records? 4). Something else?

    Nope is not an answer.
     
    mattfrompa likes this.
  12. Tanstar

    Tanstar TS Evangelist Posts: 656   +200

    This was the exact plot from a recent Grey's Anatomy episode, even down to the demand for BitCoins.
     
  13. Uncle Al

    Uncle Al TS Evangelist Posts: 4,112   +2,602

    More businesses would benefit from this drill. If the owner of any business wants to understand the nuts and bolts as well as the weak areas, drop back a few tiers of technology and see how the company operates. I have one friend who operates a wholesale business; one day a month they drop back to taking orders on pencil and paper and manually processing them. Strangely, he told me that during the past several years they consistently get more orders processed with fewer mistakes on these days. He also says he no longer finds anyone "screwing around" with facebook and a bunch of other distractions when he does that one day exercise.......
     
    Reehahs likes this.
  14. EClyde

    EClyde TS Evangelist Posts: 1,481   +522

    I worked in the hospital lab for 35 years as a medical technologist. I generated a ton of data and entered that data into record both via pen and electronically. One is no more apt to create bad data one way or the other. In fact more attention is paid to data created then entered manually then when one is looking at a screen with 50 analytes on it making rapid judgments as to it's accuracy. I have done both and I know that when original data is copied to the log book and a report more attention and time is paid.
     
  15. centrino207

    centrino207 TS Booster Posts: 160   +10

    If it run by the government it will not matter if it pen and paper or computer. It really does not matter both suck.

    In my area hospitals cannot talk to other hospitals even in the hospital one part of hospital has no idea what other part of the hospital is doing. Every thing is fax over or done by phone. Many times it gets misplaced or they fail to fax it over.

    It not military or police it healthcare and healthcare is low on government priority.
     
  16. MannerMauler

    MannerMauler TS Addict Posts: 199   +48

    While you're right about hospitals being for the sick and needy, they should, at least in the US, should be able to afford it to a certain point, with their ridiculous medical bills. (Not some keyboard warrior or some kid in a basement)
     
  17. Tanstar

    Tanstar TS Evangelist Posts: 656   +200

    In the U.S. hospitals are privately owned and not government run.
     
  18. thedrelle

    thedrelle TS Enthusiast Posts: 64   +12

    Maybe, but in that case it would be the patients who lose.
     
  19. thedrelle

    thedrelle TS Enthusiast Posts: 64   +12

    again, the people who suffer are the patients. even if the hospital pays, It doesn't come out of the investors or CEO's cuts, it is cut from the hospitals investment into research, equipment and pro bono work. Hospitals in the US at least have to maintain profitability. a hit like this will lead to the hospital making cuts to maintain that profitability. those cuts hurt potential patients and the staff.
     
  20. centrino207

    centrino207 TS Booster Posts: 160   +10

    So this thing does not happen in US?

    Only countries that have universal healthcare?

    So they go to jail when they mess up?
     
  21. centrino207

    centrino207 TS Booster Posts: 160   +10

    What country are you talking about in the UK there are laws that hospitals can and cannot do.
     
  22. lostinlodos

    lostinlodos TS Booster Posts: 135   +22

    Chicago med beat them to the punch on that. There a doctor paid the ransom.
     
  23. lostinlodos

    lostinlodos TS Booster Posts: 135   +22

    Uh, it’s really not that hard. I could also see a kid on a computer being far less sympathetic to the plight the cause.
    Turning To the fbi will do very little though. Hiring a cyber security firm would be the wisest option here!
     
  24. Joe Blow

    Joe Blow TS Addict Posts: 216   +74

    At least now they can rest assured they'll have a higher level of data security and less in terms of electronic HIPAA violations.
     
  25. Tanstar

    Tanstar TS Evangelist Posts: 656   +200

    He named the US in his post . . . And you are saying in the UK hospitals can't put any less money into research, equipment and Pro Bono work when they are losing money?
     
    thedrelle likes this.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...