Cyberattack on Ascension leads to ambulance diversions – HealthITSecurity

author
2 minutes, 19 seconds Read

By Jill McKeon

May 13, 2024 – Ascension is diverting emergency medical services at several hospitals as it works to address a ransomware attack. As previously reported, Ascension discovered a cybersecurity incident on May 8 that impacted some of its network systems, including its EHR system. Ascension operates more than 140 hospitals across 19 U.S. states.

In its most recent update on the incident, an Ascension spokesperson said that its hospitals remain open and are continuing to provide care. However, emergency services at several hospitals are being diverted “in order to ensure emergency cases are triaged immediately.”

Additionally, Ascension has paused some non-emergency elective procedures, appointments, and tests while it continues to work through the incident. Providers have reverted to several downtime procedures as the organization’s EHR systems remain unavailable, including moving to paper records and using manual processes for dispensing medication, contacting patients, and ordering diagnostic tests.

Ascension does not yet have a timeline for restoring its systems but said that it expects both the restoration and investigation processes to take time to complete.

Upon discovery, Ascension engaged Mandiant to assist in the investigation process and alerted its business partners of the incident. Ascension is also working with the FBI, HHS, the Cybersecurity and Infrastructure Security Agency (CISA), and the Health Information Sharing and Analysis Center (H-ISAC).

“Kudos to Ascension for immediately disconnecting the infected portions of their network and we have to hope they are able to resume normal operations quickly,” said Dan Lattimer, vice president at Semperis, in reaction to Ascension’s initial notice. 

“Ascension’s transparency is noble and notifying their business partners about the breach will enable any company in their supply chain to assess its own risk. We don’t yet know why Ascension was targeted, but the biggest reason hackers target hospitals are to get paid. It’s that simple.”

Lattimer emphasized the importance of identifying single points of failure and maintaining visibility into networks to quickly address anomalies.

In the wake of the Change Healthcare cyberattack, critical infrastructure is at the forefront of cyber conversations across the public and private sectors. At a May 8 RSA Conference session in San Francisco, David Luber, director of cybersecurity at the National Security Agency (NSA), emphasized his concerns about increasing attacks against critical infrastructure.

“I think the area of most concern for me is when cyber can turn to physical,” Luber said.

“When the outcome of a cyberattack, especially in critical infrastructure, turns to some sort of physical impact, whether it’s in some of the smaller scale activities, water overflowing, but then on amore broad scale, you can just use your imagination on where some of those physical manifestations and impacts can occur.”

Critical infrastructure security remains a top priority for various federal agencies, spearheaded by CISA’s efforts to protect these sectors.

This post was originally published on the 3rd party site mentioned in the title of this this site

Similar Posts