A major hospital chain in the United States, United Health Services, has been hit with a ransomware attack on early Sunday morning, September 27, 2020. According to NBC News, the cyberattack is considered one of the largest medical incidents in United States history.
United Health Services runs approximately 400 hospitals and care centers both across the United States and the United Kingdom.
Ransomware is a type of malicious attack that aims to extort money or ransom payments from their victims in exchange for providing victims access to their computers and devices after being locked out by their attackers.
NBC News notes that ransomware is one of the most persistent and prevalent types of attacks to plague healthcare providers and hospitals alike. The news site states that the virus pandemic has brought on increased concerns for attackers to possibly target medical organizations and institutions.
Moreover, ransomware is designed to attack and spread across computer networks. It seeks to encrypt files to give attackers leverage against their victims.
Following the incident, NBC News revealed that the computer systems of UHS began to fail, thereby urging some facilities to use pen and paper to fill out patient information.
In an interview with Tech Crunch, one of the two people familiar with the matter said the computer screens manifested text that seemed to refer to the “shadow universe” and is consistent with the Ryuk ransomware associated with the Russian cybercrime group called Wizard Spider.
Apart from UHS, the Russian cybercrime unit has already targetted other big names such as the U.S. Coast Guard and Pitney Bowes, notes Tech Crunch.
Employees working at the facilities said that the disruption has made work challenging, especially with most of the medication and patient charts updated online. Reuters reports that the outage may last for more than 24 hours, while ZD Net reveals that some healthcare providers have not provided patients with their medications as records remained inaccessible.
Despite repeated requests for an interview, UHS has yet to comment on the incident. Instead, it released a public statement on its website, saying “The IT Network across Universal Health Services (UHS) is currently offline, due to an IT security issue.”
In its statement, the company said that it is working to restore its operations and that it is working with a team of IT security experts in the field. In addition, the company also assured the public that “No patient or employee data appears to have been accessed, copied or misused.”
