Largest hospital breach ever?


Potentially the largest cyberattack on a medical facility in U.S. history took place last weekend. Universal Health Services, a Fortune 500 major hospital chain with over 90,000 employees, and over 400 locations was in chaos, having to use pen and paper to see patients.

Doctors and nurses around the globe are already burdened by the coronavirus pandemic and in a statement issued on UHS’s website, the outage was due to an unspecified IT “security issue” but UHS employees have since gone onto Reddit, confirming the ransomware attack. BleepingComputer, an online cybersecurity news site, spoke to UHS employees who described the ransomware with the characteristics of Ryuk, which has been widely linked to Russian cybercriminals and used against large enterprises.

Criminals have been increasingly targeting health care institutions with ransomware during the pandemic, infecting networks with malicious code that scrambles data. To unlock it, they demand payment, sometimes millions of dollars in untraceable bitcoin. Even more alarming, private data is often copied offsite by the criminals before computers and servers are encrypted. That way it can be used for extortion later. Earlier last month, the first known fatality related to ransomware occurred in Duesseldorf, Germany, after an attack caused IT systems to fail and a critically ill patient didn’t make it.

Imagine doctors and nurses unable to see patient history, medications, x-rays, machines that monitor heart rate and blood pressure – all offline. Even the phones weren’t working! BTW, hackers usually deploy ransomware over a weekend when the IT staff is usually off. We are quite aware of this – and have had many weekends ruined by these guys.

Now if this can happen to a fortune 500 hospital chain, ask yourself – what are the chances it could happen at your company and how would you and your clients be affected? According to the FBI’s Internet Crime Center, cybercrime has more than quadrupled since the pandemic began. Cybercrime has never been easier and more profitable than it is now and make no mistake, your business is a target. If you’re interested in having us look at your company’s security posture feel free to reach out. We can help.

Hopefully this video has been interesting and informative and if you know of someone who might benefit from it, pass it along. We’re all in this together and thank you for giving us the opportunity to be of service to the community.

Stay safe out there

-A