(844) 627-8267
(844) 627-8267

‘Lives are at risk,’ Ascension ransomware attack on third week | #ransomware | #cybercrime

AUSTIN (KXAN) — It’s been nearly three weeks since Ascension Seton hospitals had a ransomware attack. As a result, computer systems are down.

On Friday, officials said they’re working hard to get it resolved.

Ascension continues to work around the clock with industry-leading cybersecurity experts to safely restore operations across our network. We are hopeful that after the weekend, our patients and clinicians will see progress across our points of care. Many of our vendors and partners have also started the process of reconnecting to our network and resuming services with Ascension, which should help to accelerate our overall recovery.”


But in the meantime, medical professionals said it is difficult to do their jobs.

‘Orders are being misread’

A woman, who asked us to conceal her identity, said she feels fearful and defeated from this whole situation.

She works in the emergency department at an Ascension hospital in Central Texas.

“People’s lives are at risk. It’s taking three, four hours to get basic lab work back. We could have patients that could be very ill, but we may not know.”

Ascension Hospital Worker

Electronic health records and systems to order certain tests, procedures and medications are unavailable.

“Everything is on paper, because the computer system is completely gone right now,” the woman said.

She said it puts pressure on nurses to provide both medical care and clerical work, which is leading to some mistakes.

“Patients’ birthdays are wrong, their names are wrong,” she said. “Orders are being misread.”

With no end in sight, this woman worries about the future.

“Already notified all of my loved ones and all of my family members that they are not to go to an Ascension facility until further notice, for their safety,” she said. “I have never said that in my 25 years of working in emergency medicine.”

What is a ransomware attack?

Cyber Threat Director at Qualys, Ken Dunham, said reports showed last year over 2,000 hospitals in the United States dealt with ransomware attacks.

“Ransomware is where bad actors are trying to extort you to get money.”

Ken Dunham, Qualys Cyber Threat Director

Dunham said they often will encrypt files or steal data.

“They’ll say, ‘You got to pay us if you want to have that back, or you want to get back up online,’” Dunham said.

He said there’s no timeline for how long it could take to solve these situations.

“Sometimes people can close out an incident in days. Sometimes it will take six months to a year or longer,” Dunham said. “It really matters on how well prepared you are and what your hygiene is, and also how complicated the bad actor is.”

Dunham said there are ways to protect against these types of attacks.

“You can have a vulnerability scanner, scanning for all your vulnerabilities,” Dunham said. “Make sure you’re patched because ransomware, once it gets in there, usually it’ll try to move around your network, and it’ll use vulnerabilities. If you don’t have those vulnerabilities, well, then it can’t do that.”

Lawsuit filed

There’s already been at least one lawsuit as a result of this.

Earlier this month, a former patient filed a lawsuit claiming her information was compromised following the ransomware attack.

When asked about this, Ascension told KXAN it “remains focused on safely caring for our patients and swiftly restoring our systems. We are conducting a thorough investigation of the incident with the support of leading cybersecurity experts and law enforcement.”

The company said if it determines sensitive data was potentially compromised, it will notify and support the affected individuals in accordance with all relevant regulatory and legal obligations.

Source link


National Cyber Security