Critical computer systems at hospitals and clinics in several states have yet to return to normal operation after a cyber attack closed some emergency rooms and diverted ambulances.
Prospect Medical Holdings said in a statement Friday that progress was being made “to restore critical systems and restore their integrity.” But the company, which operates 16 hospitals and dozens of other medical facilities in California, Connecticut, Pennsylvania, Rhode Island and Texas, could not say when operations would return to normal.
“We do not yet have a firm timeline for how long it will take to restore all systems,” spokeswoman Nina Kruse said in a text message. “The forensic investigation is still ongoing and we are working closely with law enforcement officials .”
John Riggi, national advisor for cybersecurity and risk for the American Hospital Association, said the recovery process typically takes weeks, while hospitals revert to using paper-based systems and personnel to monitor equipment, run records between departments, and execute what is often done electronically. Other tasks handled by the method. when infringing say.
The attack, announced on Aug. 3, had all the hallmarks of ransomware ransomware, but officials have neither confirmed nor denied it. In such attacks, criminals steal sensitive data from a target’s network, activate crypto-malware, disable it, and demand a ransom.
The FBI advises victims not to pay the ransom because there’s no guarantee the stolen data won’t end up being sold on darknet criminal forums. Paying ransoms also encourages criminals and funds attacks, Riggi said.
Some elective surgeries, clinic appointments, blood donations and other services are still being postponed because of the attacks.
The Eastern Connecticut Health Network, which includes Rockville General Hospital and Manchester Memorial Hospital as well as some clinics and primary care providers, was operating on a temporary phone system Friday.
Waterbury Hospital has been using paper records instead of computer files since the attack but no longer transfers trauma and stroke patients to other hospitals, said Lauresha Xhihani, a spokeswoman for Waterbury Hospital. mechanism told american republican newspaper.
“PMH physicians, nurses and staff are trained to provide care when our electronic systems are not available,” Crews wrote. “Providing safe, high-quality care is our most important priority.”
Globally, the healthcare industry was the hardest hit by cyberattacks in the year to March, according to IBM’s annual report on data breaches. The company reported its costliest breach for the 13th year in a row, averaging $11 million per breach. This was followed by the financial sector with revenues of $5.9 million.
Health care providers are a common target for criminal extortionists because they possess sensitive patient data, including medical histories, payment information and even critical research data, Riggi said.