Ascension, a not-for-profit healthcare establishment in United States, a network of 140 hospitals across the country reported “unusual activity” on select technology which has invoked regulatory concerns amongst stakeholders
The Ascension Healthcare Network announced on Wednesday that its clinical operations were disrupted in consequence to a cyber event which was incoming from unauthorized party. “We detected unusual activity on select technology network systems which we now ascertain is due to a cyberattack event.” Ascension is an umbrella organization spread under a network of 140 hospitals across United States, including 14 in the Chicago area.
One of the largest private healthcare systems in the United States , ranking second by number of hospitals, Ascension’s announcement crippled United States healthcare infrastructure, worrying the implications a cyber attack can have on routine medical operations. No “major” disruption was reported, only access to some systems were revealed “interrupted”, by Ascension authorities.
In the news release, Ascension informed that it responded immediately. “Our care teams are trained for these kinds of disruptions and have we have initiated an investigation in collaboration with a third party expert, Mandiant, to determine if any sensitive information was affected, should it be affected, we will notify and support those individuals in accordance with regulatory and legal guidelines.” The healthcare magnate has revealed all immediate steps it had taken to contain the attack, opened investigation to find the culprit and inform all stakeholders involved.
Hospitals have become an “easy” target to cyberattacks
The cyber security event in Ascension is not the first one, this year. But it definitely invoked a “necessary” conversation, keeping its scalability in mind. It requires something absolutely gigantic to happen, for an event to come into public notice. For an illustrious institution like Ascension to become a victim of unlawful infiltration, Paul Keener, a cybersecurity strategist optimizes is a “good thing”.
The speedy public response, sets Ascension’s reaction apart from other hospitals that have experienced something similar, like the one at Lurie’s that took two weeks to resolve. In January, Lauri’s Children Hospital in Chicago was also hit with a high-profile cyberattack. As a result of this attack, all important digital tools, like phone, email and other offline systems were taken offline.
U.S healthcare system has suffered from a spike in ransomware attacks in recent years. Threat Intelligence Company, Cyble, reports 105 ransomware attacks on the healthcare sector globally since February 1, of which 77 were in United States. The impact of a cyberattack in healthcare sector reverberates through the economy, to an extent that when one or two of those big players goes down, so goes down the industry.
A recent cyberattack on Change Healthcare, compromised sensitive patient data and created billing headaches at pharmacies, and hospitals, nationwide, threatening to put some healthcare professionals out of business and risking lives of millions.
Cybersecurity expert unearths motivation behind online attacks in hospitals
Paul Kenner, a cybersecurity strategist at GuidePoint Security, discloses the intention behind attackers infiltrating healthcare system, “Hospitals are some of the most connected places in the world.” He emphasizes “money” as a solitary entity, vicious enough to infect even a well-read mind. Billions of chains of data stored via separate algorithm in huge capacities are leveraged to create false identities and power through essential documentation requirements.
“When it comes to cyberattacks, that is about money. It is not a personal attack against the hospital. It is not a personal attack against the business. It is about money. And so where they can leverage that data, they are pulling to go and maybe create false identities, apply for credit cards.”
A cyberattack multiplies at an extraordinary pace that can contaminate an entire network system. Once contaminated it disables proprietary access and necessitates internal bleeding. Access to unauthorized client is granted – only if remains for long, it can destroy, steal, expose or alter data, applications or other assets stored in the digital device. The cyberattack space has grown exponentially since the advent of online networking – once contained to domestic threats only, now these attacks have become an indispensable tool for countries to acquire important data of its enemies – citing it as an “act of war”.
