Hospital running on pen and paper after being hit with ransomware attack

midian182

midian182

Posts: 9,752   +121
Staff member

Another US hospital has become the victim of a ransomware attack. An “unknown party” managed to infect the systems of Hancock Regional Hospital in the state of Indiana last week, demanding an unspecified number of Bitcoins to release the unlock key.

When the attack took place on January 11 it affected the medical center’s email, electronic health records, and other internal operating systems. The hospital stresses that no patient records were removed from its network and patient care has not been significantly impacted.

The institution shut down some systems to prevent further infection and contacted the Federal Bureau of investigation and a national IT security company. As of Saturday morning, these systems were still down, and it continued to use pen and paper to keep patients’ medical charts updated.

Some previous cases of ransomware made their way onto hospital systems via employees opening malicious email or website links, but Steve Long, CEO of Hancock Health hospital, said that wasn’t the case in this instance.

“This was not a 15-year-old kid sitting in his mother’s basement,” Long told the Daily Reporter. He added that the financial demands had not been met, and that the FBI is familiar with this type of sophisticated attack.

“We, like other hospitals, do disaster drills all the time, so this aligns perfectly well with drills that we've had throughout the years on how to continue to deliver world-class care when you have system failures or system breaches,” Rob Matt, the hospital’s strategy officer, told The Indianapolis Star.

Last year saw Kansas Heart Hospital and the Hollywood Presbyterian Medical Center hit by ransomware attacks. It’s likely that the unknown computer virus that infected hospital chain Medstar was also a form of ransomware.

Permalink to story.

https://www.techspot.com/news/72750-hospital-running-pen-paper-after-hit-ransomware-attack.html

 
This was not a 15-year-old kid sitting in his mother’s basement,” Long told the Daily Reporter.
Click to expand...

I mean...you don't really know that. It easily could have been.

They do disaster drills all the time, yet are still down 3 days later?
 
gusticles41 said:
This was not a 15-year-old kid sitting in his mother’s basement,” Long told the Daily Reporter.
Click to expand...

I mean...you don't really know that. It easily could have been.

They do disaster drills all the time, yet are still down 3 days later?
Click to expand...

This is a ransomware attack, not just a down computer or server. The drills are not to speed up fixing the problem, but to ensure safe and continuous service.
 
  • Like
Reactions: Reehahs and Tanstar
EClyde said:
wiyosaya said:
And may also increase the chances for medical errors.
Click to expand...
Nope.
Click to expand...

At least here it would as most doctors don't speak the native language. And it's not like the patients could learn one new language to understand them as they come from all over poor world. All native doctors are on private sector. But as they hire exclusively bad doctors to drive down public heath care on purpose some errors would be a nice bonus.
 
This was the exact plot from a recent Grey's Anatomy episode, even down to the demand for BitCoins.
 
More businesses would benefit from this drill. If the owner of any business wants to understand the nuts and bolts as well as the weak areas, drop back a few tiers of technology and see how the company operates. I have one friend who operates a wholesale business; one day a month they drop back to taking orders on pencil and paper and manually processing them. Strangely, he told me that during the past several years they consistently get more orders processed with fewer mistakes on these days. He also says he no longer finds anyone "screwing around" with facebook and a bunch of other distractions when he does that one day exercise.......
 
  • Like
Reactions: Reehahs
I worked in the hospital lab for 35 years as a medical technologist. I generated a ton of data and entered that data into record both via pen and electronically. One is no more apt to create bad data one way or the other. In fact more attention is paid to data created then entered manually then when one is looking at a screen with 50 analytes on it making rapid judgments as to it's accuracy. I have done both and I know that when original data is copied to the log book and a report more attention and time is paid.
 
wiyosaya said:
And may also increase the chances for medical errors.
Click to expand...

If it run by the government it will not matter if it pen and paper or computer. It really does not matter both suck.

In my area hospitals cannot talk to other hospitals even in the hospital one part of hospital has no idea what other part of the hospital is doing. Every thing is fax over or done by phone. Many times it gets misplaced or they fail to fax it over.

It not military or police it healthcare and healthcare is low on government priority.
 
Kenrick said:
You've got to be the lowest of all people and no conscience to do this to hospitals. The hospital are for the sick and doing this willdelay them the proper services they need. Spare them with your greed.
Click to expand...

While you're right about hospitals being for the sick and needy, they should, at least in the US, should be able to afford it to a certain point, with their ridiculous medical bills. (Not some keyboard warrior or some kid in a basement)
 
centrino207 said:
If it run by the government it will not matter if it pen and paper or computer. It really does not matter both suck.

In my area hospitals cannot talk to other hospitals even in the hospital one part of hospital has no idea what other part of the hospital is doing. Every thing is fax over or done by phone. Many times it gets misplaced or they fail to fax it over.

It not military or police it healthcare and healthcare is low on government priority.
Click to expand...
In the U.S. hospitals are privately owned and not government run.
 
alabama man said:
At least here it would as most doctors don't speak the native language. And it's not like the patients could learn one new language to understand them as they come from all over poor world. All native doctors are on private sector. But as they hire exclusively bad doctors to drive down public heath care on purpose some errors would be a nice bonus.
Click to expand...

Maybe, but in that case it would be the patients who lose.
 
MannerMauler said:
While you're right about hospitals being for the sick and needy, they should, at least in the US, should be able to afford it to a certain point, with their ridiculous medical bills. (Not some keyboard warrior or some kid in a basement)
Click to expand...
again, the people who suffer are the patients. even if the hospital pays, It doesn't come out of the investors or CEO's cuts, it is cut from the hospitals investment into research, equipment and pro bono work. Hospitals in the US at least have to maintain profitability. a hit like this will lead to the hospital making cuts to maintain that profitability. those cuts hurt potential patients and the staff.
 
thedrelle said:
again, the people who suffer are the patients. even if the hospital pays, It doesn't come out of the investors or CEO's cuts, it is cut from the hospitals investment into research, equipment and pro bono work. Hospitals in the US at least have to maintain profitability. a hit like this will lead to the hospital making cuts to maintain that profitability. those cuts hurt potential patients and the staff.
Click to expand...

What country are you talking about in the UK there are laws that hospitals can and cannot do.
 
This was not a 15-year-old kid sitting in his mother’s basement,” Long told the Daily Reporter. He added that the financial demands had not been met, and that the FBI is familiar with this type of sophisticated attack.
Click to expand...
Uh, it’s really not that hard. I could also see a kid on a computer being far less sympathetic to the plight the cause.
Turning To the fbi will do very little though. Hiring a cyber security firm would be the wisest option here!
 
At least now they can rest assured they'll have a higher level of data security and less in terms of electronic HIPAA violations.
 
centrino207 said:
What country are you talking about in the UK there are laws that hospitals can and cannot do.
Click to expand...
He named the US in his post . . . And you are saying in the UK hospitals can't put any less money into research, equipment and Pro Bono work when they are losing money?
 
  • Like
Reactions: thedrelle
You must log in or register to reply here.

Similar threads

midian182
FBI investigates ransomware attack impacting healthcare facilities across multiple states
Replies
1
Views
326
axiomatic13
axiomatic13
Shawn Knight
Vast majority of US hospital websites are sharing visitor data with Big Tech companies
Replies
8
Views
153
Dimitrios
Dimitrios
midian182
LockBit website seized, operations disrupted in joint international law enforcement operation
Replies
4
Views
206
erickmendes
erickmendes

Latest posts

Back