Ransomware Attacks Cripple Healthcare Providers in Multiple States

A ransomware attack has disrupted healthcare systems in California, Texas, Connecticut, Rhode Island and Pennsylvania, forcing the suspension of services at emergency rooms and causing ambulances to be diverted to other facilities. The attacks have also caused the suspension of primary care services.

‍

“Upon learning of this, we took our systems offline to protect them and launched an investigation with the help of third-party cybersecurity specialists,” a spokesperson for Prospect Medical Holdings in California told the Associated Press.  

‍

“While our investigation continues, we are focused on addressing the pressing needs of our patients as we work diligently to return to normal operations as quickly as possible.”

‍

Other facilities impacted include:

• Connecticut: emergency departments at Manchester Memorial and Rockville General hospital were closed for much of Thursday and patients were diverted to other nearby medical centers.
• Pennsylvania: services impacted at the Crozer-Chester Medical Center in Upland, Taylor Hospital in Ridley Park, Delaware County Memorial Hospital in Drexel Hill and Springfield Hospital in Springfield, according to the Philadelphia Inquirer.
• California: seven hospitals in Los Angeles and Orange counties including two behavioral health facilities and a 130-bed acute care hospital in Los Angeles.

‍

The FBI said it is working with “law enforcement partners and the victim entities” but could not comment further.

‍

Takeaway: Ransomware attacks are one of the biggest threats facing every organization today, and healthcare providers have been hit particularly hard. Attackers are financially motivated, and they know that the more pain they can inflict on a target, the more money they can extort from them.

‍

Ransomware operators are simply ruthless, and they know that the impact of an attack against healthcare organizations doesn’t just disrupt operations, it directly affects the lives of patients, which in turn puts tremendous pressure on the targeted provider to pay up for swift recovery.

‍

The threat from ransomware is very real, and the fact that nation-state sponsored or directed operators are getting more active in conducting ransomware attacks on our critical infrastructure – especially healthcare - is more than concerning.  

‍

Last year CISA warned organizations to remain vigilant with respect to an increased risk from ransomware and destructive data attacks, and a joint alert was issued in early 2023 by CISA, the FBI, NSA, and HHS regarding and increase in ransomware attacks targeting healthcare providers.

‍

Criminal elements have significantly advanced their ability to quietly infiltrate large portions of a target's network, exfiltrating sensitive data to be used as additional leverage for demanding a higher ransom payout.

‍

Ransomware is a multi-billion-dollar industry that operates like legitimate businesses - with a host of specialists, R&D departments, recruiters, Helpdesk, HR departments and more.

‍

We can expect to continue to see healthcare and other critical infrastructure providers be a favorite target given they typically have the least resources to dedicated to securing sensitive systems that can have the widest impact when disrupted in an attack.

‍

‍

Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more.