Hospital IT director foils ransomware attack with quick thinking

por John R. Fischer, Senior Reporter | January 26, 2022
Cyber Security Health IT
An IT director at a Florida hospital helped contain and prevent a ransomware attack from spreading
Quick thinking on the part of an IT director in the middle of the night may have spared a Florida hospital from having its patients’ information compromised by a well-known ransomware attack.

The charting system at Jackson Hospital was hit earlier this month by Mespinoza, a ransomware attack that has infected up to 190 organizations worldwide across industries, including several in healthcare, says the Department of Health and Human Services.

Hospital IT director Jamie Hussey, who was alerted to the attack just before midnight on Sunday, January 9, knew that he did not have much time to keep the virus from spreading. He quickly ordered all of the hospital’s computer systems to be shut down and for staff to continue their work, albeit with pen and paper, to keep the hospital running, according to CNN.
DOTmed text ad

Reveal Mobi Pro now available for sale in the US

Reveal Mobi Pro integrates the Reveal 35C detector with SpectralDR technology into a modern mobile X-ray solution. Mobi Pro allows for simultaneous acquisition of conventional & dual-energy images with a single exposure. Contact us for a demo at no cost.

The result, he told CNN, was uninterrupted patient care. "If we hadn't stopped it, it probably would've spread out through the entire hospital.”

Upon shutting down its computer systems, the hospital’s downtime procedures kicked in, with physicians taking notes and prescribing medicine to patients by hand. Even after downtime procedures ended, the hospital was still meticulous in rebooting digital operations to ensure the virus was not lingering. While most computer systems were up and running by Wednesday, the emergency room’s charting system was expected to be offline for the rest of the week, said Hussey, with doctors in the department getting ER patient records from other parts of the hospital network.

Hussey and his team evaluated each computer system, starting with the most critical, to ensure they were not infected with ransomware. They physically disconnected the hospital’s EHR system from the rest of the computer network to check for malicious code before reconnecting to it.

The attackers managed to encrypt a computer server that Jackson Hospital uses to store non-critical organizational documents. While not aware of any ransom demand from the hackers, Hussey is trying to determine if any patient data was in the files and if so, if the hospital should pay a ransom to get them back.

In the past year and a half, 82% of healthcare providers have experienced some form of an IoT cyberattack, according to a report by data security firm Medigate and cloud-based protection provider CrowdStrike. Of these, 34% were hit with ransomware and of this group, 33% paid the ransom, but only 69% reported a full restoration of their data.

You Must Be Logged In To Post A Comment