UMC Health System Grapples with IT Outage from Ransomware Attack

The organization’s facilities remained operational despite the IT outage.

By Jeff Wardon, Jr., Assistant Editor


Cyber incidents continue to grow across the healthcare industry and so does their intensity. With cybercriminals ramping up their tactics, situations can turn serious quickly. 

Cybercriminals resort to many different methods to extract what they want from their victims, such as ransomware, malware and phishing. All involve critical data being stolen from the victim through deception. Criminals can take it one step further by engaging in double extortion, where the victim is demanded to pay or risk having their data leaked. 

Some even require taking parts of systems offline and diverting patients for care while the organization investigates. UMC Health System recently experienced this scenario with a ransomware attack, according to their press release.

Despite the disruption, all UMC healthcare facilities remain operational. As a precaution, UMC temporarily diverted some emergency and non-emergency ambulance patients to other facilities, though they have now resumed accepting some patients. UMC is also collaborating with third-party experts to restore services. While the investigation continues, some systems were proactively disconnected to contain the incident. 

Related: Defending Healthcare Facilities Against Ransomware Attacks

Ransomware attacks and cyberattacks in the healthcare sector have become numerous, as Healthcare Facilities Today has reported 32 different cyber incidents just in 2024. Additionally, the healthcare and public health sector filed 249 ransomware complaints to the FBI in 2023, according to Econofact

The perceived vulnerabilities in healthcare systems are the main draw for cybercriminals, says Eric O’Neill, former counterterrorism and counterintelligence operative for the FBI.  

“Cyber criminals have long known that healthcare has not spent as much money on cybersecurity and cyber protection as other business verticals,” O’Neill says. “Criminals also know that when healthcare is successfully locked with ransomware, there's immense pressure to pay because the victim is so vulnerable.” 

However, since healthcare is part of critical infrastructure, it’s essential to secure the industry across the board with cybersecurity, O’Neill says.  

Moreover, with the deluge of attacks not looking to let up soon, healthcare facilities find themselves seeking out strategies to counter these cyber threats, such as information sharing.  

“I would liken intelligence sharing, or what we do at Health-ISAC, to like a virtual neighborhood watch program,” Errol Weiss, chief security officer at Health-ISAC. “So, if you experience a break in, you're able to share that experience with your peers, your neighbors, and let them understand how the bad guys got in.” 

Weiss adds that this lets other organizations know what the signs were beforehand, and by sharing this information, it also lets them check their own defenses. It enables them to see if they’re vulnerable too and if they can detect then prevent the attack from happening. Information sharing allows other healthcare organizations to shore up their defenses based on timely and actionable intelligence. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



October 3, 2024


Topic Area: Information Technology , Security


Recent Posts

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.


Design Plans Unveiled for New Intermountain St. Vincent Regional Hospital

The new hospital will be a 14-floor, 737,000 square-foot facility in Billings, Montana.


Ground Broken on New Pediatric Health Campus in Dallas

The new campus will replace the existing Children’s Medical Center Dallas.


Pre-Construction Strategies for Successful Facilities Projects

Savvy decisions can help facilities meet long-term goals by creating consistency and eliminating waste.


Geisinger Finds Success with Violence Prevention Efforts

Their safety measures included training staff in de-escalation, active-shooter response drills and equipping 6,000 employees with duress notification badges.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.