Patients of a Vermont Hospital Are Left ‘in the Dark’ After a Cyberattack

A wave of damaging attacks on hospitals upended the lives of patients with cancer and other ailments. From a report: At lunchtime on Oct. 28, Colleen Cargill was in the cancer center at the University of Vermont Medical Center, preparing patients for their chemotherapy infusions. A new patient will sometimes be teary and frightened, but the nurses try to make it welcoming, offering trail mix and a warm blanket, a seat with a view of a garden. Then they work with extreme precision: checking platelet and white blood cell counts, measuring each dosage to a milligram per square foot of body area, before settling the person into a port and hooking them up to an IV. That day, though, Ms. Cargill did a double-take: When she tried to log in to her work station, it booted her out. Then it happened again. She turned to the system of pneumatic tubes used to transport lab work. What she saw there was a red caution symbol, a circle with a cross. She walked to the backup computer. It was down, too.

“I wasn’t panicky,” she said, “and then I noticed my cordless phone didn’t work.” That was, she said, the beginning of the worst 10 days of her career. Cyberattacks on America’s health systems have become their own kind of pandemic over the past year as Russian cybercriminals have shut down clinical trials and treatment studies for the coronavirus vaccine and cut off hospitals’ access to patient records, demanding multimillion-dollar ransoms for their return. Complicating the response, President Trump last week fired Christopher Krebs, the director of CISA, the cybersecurity agency responsible for defending critical systems, including hospitals and elections, against cyberattacks, after Mr. Krebs disputed Mr. Trump’s baseless claims of voter fraud. The attacks have largely unfolded in private, as hospitals scramble to restore their systems — or to quietly pay the ransom — without releasing information that could compromise an F.B.I. investigation. […] The latest wave of attacks, which hit about a dozen hospitals in the United States, was believed to have been conducted by a particularly powerful group of Russian-speaking hackers that deployed ransomware via TrickBot, a vast network of infected computers used for cyberattacks, according to security researchers who are tracking the attacks.