Cyber attacks and a death
In September 2020, Universal Health Services (UHS) , a network of hospitals and health services with more than 400 facilities in the U.S., Puerto Rico and the United Kingdom, was attacked by Russian ransomware ‘Ryuk’ .
This was not the first cyber attack on a UHS hospital. Security company Advance Intel through the Andariel intelligence platform reported that trojan malware infected Universal Health Services in the course of 2020.
The UHS network has not confirmed the details of the attack, but reports from UHS officials indicate that the attack was the result of a successful phishing expedition.
The attack deactivated computers and telephone systems and forced hospitals to switch back to manual, paper-based systems to continue operations. They also had to redirect ambulances and move surgical patients to other unaffected facilities.
In general, in large and complex organizations, cleaning and restoring the system is not simple or fast. A UHS press release on 10/12/2020 announced “… we had no indication that any patient or employee’s data was accessed, copied or misused”.
He also stated that operations returned to normal after a total of 16 days. That downtime cost more than $ 1,000,000 a day or more, which was a serious blow to UHS finances. It is not known whether the institution paid the ransom.
A cyber attack always has consequences for organizations, but when a ransomware hits the health segment, there is a real risk of death.
In the case of UHS there were unconfirmed rumors that four patients died because doctors had to wait for the results of laboratory tests delivered by couriers, instead of electronic delivery. While these are rumors, there is a known case of a patient who died due to a ransomware attack at a hospital in Europe in September 2020.
The professionals will examine and evaluate security strategies and defenses. It is the responsibility of the Cyber Security Specialist to create new defensive systems and protocols.
The note delivered by the ransomware showed that the intended target was not actually the hospital, but Heinrich Heine University. The police contacted the hackers through the instructions in the ransom note left by the malware and explained the error, after which the hackers withdrew their request and provided the decryption key. However, a patient with a serious illness referred to another distant hospital, died.