A ransomware group could be linked to a cyberattack on Kettering Health, the Ohio-based health system said Thursday.
The provider said it has reason to believe that the attack, which began in late May and disrupted patient care, was launched by the ransomware group Interlock. The emerging ransomware group has targeted several sectors, including healthcare, according to a report published in November by Cisco Talos, a threat intelligence researcher.
Kettering said it has eradicated the tools used by the group, conducted a thorough review of its systems and security protocols, and completed updates and patches.
“We have strong confidence that our network-connected devices are secure, and our connections to our partners are fully protected,” Kettering said in a statement.
The attack on Kettering began May 20 when the provider reported a system-wide technology outage and canceled elective inpatient and outpatient procedures.
Kettering is still recovering from the cyberattack. The system was able to stop diverting ambulances to other nearby hospitals about a week after the attack started, and core components of its Epic electronic health record were restored early this month, according to updates from Kettering.
Cyberattacks have become a significant threat for the healthcare sector. Meanwhile, ransomware, a type of malware that denies users access to their data until a ransom is paid, has been involved in more healthcare data breaches in recent years.
These attacks can have major impacts on hospitals, cutting off access to critical technology systems, forcing them to cancel scheduled appointments and pushing providers to send emergency cases to other facilities. Some providers report a rise in patient mortality rates in the wake of ransomware attacks.
