In recent news, a cyberattack disrupted 5 hospitals and healthcare, forcing some emergency rooms to be closed and ambulances diverted. A ransomware attack on a shared IT service organization caused the attack, which is forcing five hospitals in Ontario to reschedule patient appointments and shift non-emergency patients to other nearby hospitals and facilities. The attack affected Transform, a not-for-profit shared services organization that provides IT and other services for Windsor Regional Hospital, Bluewater Health Hospital, Chatham Kent Health Alliance Hospital, Erie Shores HealthCare, and Hotel-Dieu Grace Healthcare. Patients are being contacted individually, and the hospitals are working hard to return to normal operations as soon as possible.
The recovery process can often take weeks, with hospitals in the meantime reverting to manual systems. The healthcare industry remains the top target for cyberattacks, with the most expensive breaches in any field averaging $11 million each. Hospitals have been working to implement better safeguards and more backup systems to prevent such attacks and respond to them when they occur.
The five hospitals – Bluewater Health of Sarnia, Ont.., Chatham Kent Health Alliance, Erie Shores Healthcare of Leamington, Ont.., Hotel-Dieu Grace Healthcare, and Windsor Regional Hospital – said in a joint statement that a cyberattack on their IT provider, Transform Shared Service Organization, is impacting IT services.
“Unfortunately, this incident is impacting our provision of care in various ways,” the hospitals said in a statement. “We are investigating the scope and cause of this incident, including whether any patient information was affected. Our investigation is ongoing, and we will provide further updates as appropriate. We will not be providing further comment in response to this statement.”
People who don’t need emergency care have been asked not to go to the hospitals for the time being. Instead, they should contact their family doctor or a local clinic. Patients scheduled to have treatment were being contacted to reschedule appointments to provide alternative arrangements.
Even though Transform does not provide any more details about the nature of the attack, it’s highly likely that this is a supply chain attack since all members of the hospitals are experiencing problems. The affected hospitals asked patients to reduce the impact by only visiting the hospitals if they needed emergency care. This is because there is no clarity about the nature of the attack. It is hard to say what consequences it may have on the hospitals and their patients.
The attack highlights the need for better safeguards and more backup systems to prevent such attacks and ensure how to respond when one occurs. Hospitals and healthcare providers need to invest in cybersecurity measures to protect their patient’s data and ensure that their operations are not disrupted by cyberattacks. This includes implementing strong passwords, firewalls, and antivirus software, as well as regularly backing up and testing disaster recovery plans.
Whether in a physical or digital world, every attack involves the exploitation of a weakness. Continuous vulnerability and exposure management (CVEM) is a modern approach to cybersecurity that provides 24/7 monitoring of an organization’s IT and security infrastructure. It also automates the process of reducing security risks because exposure management alone is insufficient. CVEM is a continuous requirement for meeting IT security best practices and compliance. It gives organizations a broad view across their modern attack surface, enabling them to understand their cyber risk better and make better business decisions.