Info expected to emerge slowly in hospital chain cyberattack

Oct 7, 2022, 3:44 PM | Updated: Oct 10, 2022, 7:59 am
The MercyOne Des Moines Medical Center campus is seen, Thursday, Oct. 6, 2022, in Des Moines, Iowa....

The MercyOne Des Moines Medical Center campus is seen, Thursday, Oct. 6, 2022, in Des Moines, Iowa. Diverted ambulances. Cancer treatment delayed. Electronic health records offline. These are just some of ripple effects of an apparent cyberattack on the major nonprofit health system that disrupted operations throughout the U.S. Meanwhile, The Des Moines Register said the incident occurred Monday, Oct. 3, 2022, and forced the diversion of five ambulances from the emergency department of the city's Mercy One Medical Center to other medical facilities. (AP Photo/Charlie Neibergall)

(AP Photo/Charlie Neibergall)

CHICAGO (AP) — Details of an apparent cyberattack on one of the largest health systems in the U.S. were slow to emerge as security experts on Friday warned that it often takes time to assess the full impact on patients and hospitals.

Earlier this week, CommonSpirit Health confirmed it experienced an “IT security issue” but it has yet to answer detailed questions about the incident, including how many of its 1,000 care sites that serve 20 million Americans may have been affected. The health system giant, which is the second largest nonprofit health system in America, has 140 hospitals in 21 states.

“It actually takes a while to fully know the scope because you’re in the middle of trying to restore all your systems,” said Allan Liska, an analyst with the cybersecurity firm Recorded Future. “You’re trying to get patient care up and running. You’re trying to get your nurses and your doctors back to the systems they need.”

Healthcare organizations are an appealing target for cyber attackers — particularly those who use malware to lock up a victim organization’s files and leverage the information for a payment. Ransomware has remained a persistent threat for the industry, which is among the 16 sectors the U.S. government classifies as critical infrastructure.

“Ransomware actors know that’s going to cause a lot of disruption,” Liska said.

Health care systems in 2021 saw an unusually high amount of attacks, with 285 publicly reported worldwide, Liska added. So far, Liska’s firm has tracked 155 this year with an average of 20 attacks happening a month. However, he estimated that only about 10% of ransomware attacks are publicized.

Cybersecurity experts said years of work have built health care leaders’ trust in the FBI and other federal agencies focused on cyber crime.

An FBI spokesperson declined to comment on whether they were investigating the CommonSpirit Health cyberattack.

John Riggi, the American Hospital Association’s national advisor for cybersecurity and risk, said he could not discuss CommonSpirit specifically. In general, though, he said it can take days, weeks or more to discover how an attacker gained access, determine what damage has been done and prevent further harm.

Riggi, who spent nearly 30 years with the FBI, called any significant cyber attack on a hospital “a potential risk to patient safety” and said the U.S. government takes that seriously. Their goal, he said, is to identify the attacker and make their identity and methodology public.

“They don’t want to show their hand, what they know about the bad guys,” he said. “You’re really processing a crime scene in real time.”

But there are risks to victims of cyber attacks who fail to communicate their response plan and strategies for recovery, said Mike Hamilton, the chief information security officer with Critical Insights Cybersecurity in Washington state.

The reaction of patients, staff and affiliated health care operations to the chain’s handling of the incident all could affect the company’s future survival, he said.

“Here’s how close we are to resolution, here’s where we’re diverting, here are the other hospitals we’re partnering with,” Hamilton said. “They need to be sure they’re communicating … because so many people are being impacted by this.”

___

Kruesi reported from Nashville, Tenn.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

FILE - Dylan Brandt speaks at a news conference outside the federal courthouse in Little Rock, Ark....
Associated Press

Landmark trial on Arkansas trans youth medical ban wraps up

LITTLE ROCK, Ark. (AP) — The nation’s first trial on a ban on gender-confirming care for children ended Thursday, as Arkansas wrapped up its case defending the prohibition with testimony from an endocrinologist opposed to such treatments for minors. U.S. District Judge Jay Moody, who is considering whether to strike down the law after hearing […]
17 hours ago
President Joe Biden speaks about Russian President Vladimir Putin and the war in Ukraine in respons...
Associated Press

EXPLAINER: US-European differences on climate law persist

WASHINGTON (AP) — President Joe Biden on Thursday tried to allay concerns raised by French President Emmanuel Macron about a clean energy law that benefits electric vehicles and other products made in North America. But the U.S. and Europe remain divided over the landmark law. Hours before hosting Macron at a state dinner. Biden acknowledged […]
17 hours ago
Associated Press

Airbnb urged to require carbon monoxide devices after 3 die

NEW ORLEANS (AP) — Family members of three tourists who died while staying at an Airbnb in Mexico City, apparently of carbon monoxide poisoning, urged the short-term rental company Thursday to require detectors in properties it lists to prevent future tragedies. “Our main goal is to try to get the word out to those planning […]
17 hours ago
Associated Press

Kansas justice chides state law school for ‘closed’ climate

TOPEKA, Kan. (AP) — A member of Kansas’ highest court has resigned in protest from a part-time teaching job at a state law school following what he says was an unsuccessful attempt by the university to pressure students into canceling an event featuring a leader of a group that opposes LGBTQ rights. State Supreme Court […]
17 hours ago
State Sen. Robert Peters, D-Chicago, center, testifies before the Senate Executive Committee on Thu...
Associated Press

Illinois Senate OKs crime bill cleanup and sends it to House

SPRINGFIELD, Ill. (AP) — The Illinois Senate approved Democrats’ followup clarifications of their landmark criminal justice overhaul Thursday, appeasing critics by adding numerous offenses to a list of crimes that qualify a defendant to remain jailed while awaiting trial. The Senate voted 38-17 to send the changes to the House for action the final day […]
17 hours ago
FILE - Former President Donald Trump's Mar-a-Lago club is seen in the aerial view in Palm Beach, Fl...
Associated Press

Trump probe: Court halts Mar-a-Lago special master review

WASHINGTON (AP) — A unanimous federal appeals court on Thursday ended an independent review of documents seized from former President Donald Trump’s Florida estate, removing a hurdle the Justice Department said had delayed its criminal investigation into the retention of top-secret government information. The decision by the three-judge panel represents a significant win for federal […]
17 hours ago

Sponsored Articles

...
Quantum Fiber

Stream 4K and more with powerful, high-speed fiber internet

Picking which streaming services to subscribe to are difficult choices, and there is no room for internet that cannot handle increased demands.
...
SCHWARTZ LASER EYE CENTER

Key dates for Arizona sports fans to look forward to this fall

Fall brings new beginnings in different ways for Arizona’s professional sports teams like the Cardinals and Coyotes.
...
Day & Night Air Conditioning, Heating and Plumbing

Here are 4 signs the HVAC unit needs to be replaced

Pool renovations and kitchen upgrades may seem enticing, but at the forefront of these investments arguably should be what residents use the most. In a state where summertime is sweltering, access to a functioning HVAC unit can be critical.
Info expected to emerge slowly in hospital chain cyberattack