Several hospitals and clinics across the US were affected by ransomware attacks over the weekend. Staff found themselves unable to use their facilities’ crippled IT systems, forcing them to cancel surgeries and divert a number of patients to other fully operational clinics and hospitals to receive treatment.
Hospitals hacked and hamstrung
The hackers responsible for the attack specifically targeted Memorial Health System, which is responsible for 64 medical facilities in the US. In a statement, Memorial Health System names three critically affected hospitals: Marietta Memorial, Selby General, and Sistersville General. The staff there are currently working with pen and paper as systems and are being restored.
According to Memorial Health System’s CEO, Scott Cantley, yesterday’s (Monday, 16 August) urgent surgical cases, as well as radiology exams, were cancelled, and subsequent cancellations and diversions to functioning facilities are likely to continue while systems are still being brought to working order.
In terms of risks to employee and patient data, Cantley said, “At this time no known patient or employee personal or financial information has been compromised. We are continuing to work with IT security experts to methodically investigate to precisely understand what happened and are taking the appropriate actions to resolve any and all issues.”
Memorial Health System is currently working with cyber-security experts to restore services, and has also notified US federal law enforcement of the attack.
Cybercriminals have been seen to go after seemingly strange industries and business in pursuit of a paycheck, such as oil pipelines and meat packers, as well as more obvious targets like IT service providers. According to Ars Technica some hacker groups make a moral point of not going after targets that could have far-reaching and devastating effects on people affected, like schools and hospitals. For others, the payout is all that matters.