Info expected to emerge slowly in hospital chain cyberattack

Oct 7, 2022, 3:44 AM | Updated: Oct 9, 2022, 10:24 am
The MercyOne Des Moines Medical Center campus is seen, Thursday, Oct. 6, 2022, in Des Moines, Iowa....

The MercyOne Des Moines Medical Center campus is seen, Thursday, Oct. 6, 2022, in Des Moines, Iowa. Diverted ambulances. Cancer treatment delayed. Electronic health records offline. These are just some of ripple effects of an apparent cyberattack on the major nonprofit health system that disrupted operations throughout the U.S. Meanwhile, The Des Moines Register said the incident occurred Monday, Oct. 3, 2022, and forced the diversion of five ambulances from the emergency department of the city's Mercy One Medical Center to other medical facilities. (AP Photo/Charlie Neibergall)

(AP Photo/Charlie Neibergall)

CHICAGO (AP) — Details of an apparent cyberattack on one of the largest health systems in the U.S. were slow to emerge as security experts on Friday warned that it often takes time to assess the full impact on patients and hospitals.

Earlier this week, CommonSpirit Health confirmed it experienced an “IT security issue” but it has yet to answer detailed questions about the incident, including how many of its 1,000 care sites that serve 20 million Americans may have been affected. The health system giant, which is the second largest nonprofit health system in America, has 140 hospitals in 21 states.

“It actually takes a while to fully know the scope because you’re in the middle of trying to restore all your systems,” said Allan Liska, an analyst with the cybersecurity firm Recorded Future. “You’re trying to get patient care up and running. You’re trying to get your nurses and your doctors back to the systems they need.”

Healthcare organizations are an appealing target for cyber attackers — particularly those who use malware to lock up a victim organization’s files and leverage the information for a payment. Ransomware has remained a persistent threat for the industry, which is among the 16 sectors the U.S. government classifies as critical infrastructure.

“Ransomware actors know that’s going to cause a lot of disruption,” Liska said.

Health care systems in 2021 saw an unusually high amount of attacks, with 285 publicly reported worldwide, Liska added. So far, Liska’s firm has tracked 155 this year with an average of 20 attacks happening a month. However, he estimated that only about 10% of ransomware attacks are publicized.

Cybersecurity experts said years of work have built health care leaders’ trust in the FBI and other federal agencies focused on cyber crime.

An FBI spokesperson declined to comment on whether they were investigating the CommonSpirit Health cyberattack.

John Riggi, the American Hospital Association’s national advisor for cybersecurity and risk, said he could not discuss CommonSpirit specifically. In general, though, he said it can take days, weeks or more to discover how an attacker gained access, determine what damage has been done and prevent further harm.

Riggi, who spent nearly 30 years with the FBI, called any significant cyber attack on a hospital “a potential risk to patient safety” and said the U.S. government takes that seriously. Their goal, he said, is to identify the attacker and make their identity and methodology public.

“They don’t want to show their hand, what they know about the bad guys,” he said. “You’re really processing a crime scene in real time.”

But there are risks to victims of cyber attacks who fail to communicate their response plan and strategies for recovery, said Mike Hamilton, the chief information security officer with Critical Insights Cybersecurity in Washington state.

The reaction of patients, staff and affiliated health care operations to the chain’s handling of the incident all could affect the company’s future survival, he said.

“Here’s how close we are to resolution, here’s where we’re diverting, here are the other hospitals we’re partnering with,” Hamilton said. “They need to be sure they’re communicating … because so many people are being impacted by this.”

___

Kruesi reported from Nashville, Tenn.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

FILE - A Boeing 747-8, Boeing's new passenger plane, takes its first flight, Sunday, March 20, 2011...
Associated Press

Boeing’s last 747 to roll out of Washington state factory

After more than half a century, Boeing is set to roll its last 747 out of a Washington state factory on Tuesday.
8 hours ago
President Joe Biden speaks in the Roosevelt Room of the White House, Thursday, Dec. 8, 2022, in Was...
Associated Press

WNBA star Griner freed in swap for Russian arms dealer Bout

WASHINGTON (AP) — Russia freed WNBA star Brittney Griner on Thursday in a dramatic prisoner exchange, as the U.S. released notorious Russian arms dealer Viktor Bout but failed to win freedom for another American, Paul Whelan, who has been jailed for nearly four years. The swap, at a time of heightened tensions over Ukraine, achieved […]
8 hours ago
FILE - A flyer seeking information about the killings of four University of Idaho students who were...
Associated Press

Idaho police seek car seen near site where 4 students killed

Police are asking for help finding the occupant of a car that was seen near where four University of Idaho students were stabbed to death last month, saying that person could have "critical information" about the case.
1 day ago
Associated Press

Sri Lanka’s Parliamant approves budget amid economic crisis

COLOMBO, Sri Lanka (AP) — Sri Lanka’s Parliament approved a budget on Thursday that includes reforms aimed at improving the country’s finances as it attempts to recover from its worst economic crisis. The 5.82 trillion rupee ($15 billion) budget includes a 43 billion rupee ($117 million) relief package for those affected by the crisis. The […]
1 day ago
Associated Press

Judge unseals documents in gay bar shooter’s earlier case

COLORADO SPRINGS, Colo. (AP) — A judge on Thursday ordered unsealed documents from the 2021 arrest of the Colorado Springs gay bar shooter following a bomb threat and standoff between the suspect and authorities. Judge Robin Chittum said the public interest in the case outweighed the privacy rights of defendant Anderson Lee Aldrich. More than […]
1 day ago
Deborah Sampson, left, a nurse at a University of Washington Medical Center clinic in Seattle, give...
Associated Press

FDA clears updated COVID-19 vaccines for kids under age 5

U.S. regulators on Thursday cleared doses of the updated COVID-19 vaccines for children younger than age 5. The Food and Drug Administration’s decision aims to better protect the littlest kids from severe COVID-19 at a time when children’s hospitals already are packed with tots suffering from a variety of respiratory illnesses. Omicron-targeted booster shots made […]
1 day ago

Sponsored Articles

Comcast Ready for Business Fund...
Ilona Lohrey | President and CEO, GSBA

GSBA is closing the disparity gap with Ready for Business Fund

GSBA, Comcast, and other partners are working to address disparities in access to financial resources with the Ready for Business fund.
SHIBA WA...

Medicare open enrollment is here and SHIBA can help!

The SHIBA program – part of the Office of the Insurance Commissioner – is ready to help with your Medicare open enrollment decisions.
Lake Washington Windows...

Choosing Best Windows for Your Home

Lake Washington Windows and Doors is a local window dealer offering the exclusive Leak Armor installation.
Anacortes Christmas Tree...

Come one, come all! Food, Drink, and Coastal Christmas – Anacortes has it all!

Come celebrate Anacortes’ 11th annual Bier on the Pier! Bier on the Pier takes place on October 7th and 8th and features local ciders, food trucks and live music - not to mention the beautiful views of the Guemes Channel and backdrop of downtown Anacortes.
Swedish Cyberknife Treatment...

The revolutionary treatment of Swedish CyberKnife provides better quality of life for majority of patients

There are a wide variety of treatments options available for men with prostate cancer. One of the most technologically advanced treatment options in the Pacific Northwest is Stereotactic Body Radiation Therapy using the CyberKnife platform at Swedish Medical Center.
Work at Zum Services...

Seattle Public Schools announces three-year contract with Zum

Seattle Public Schools just announced a three-year contract with a brand-new company to the Pacific Northwest to assist with their student transportation: Zum.
Info expected to emerge slowly in hospital chain cyberattack