Written by Sean Lyngaas
A pair of hacks at health care organizations revealed in recent days highlights the enduring cybercriminal threat to the sector as the U.S. makes progress in fighting the coronavirus pandemic.
Scripps Health, a San Diego-based nonprofit system with five hospital campuses, on May 1 said that it had suspended access to IT applications that support its health care facilities following a “security incident.” The incident forced Scripps to reschedule some patient appointments for Saturday and Monday, but “patient care continues to be delivered safely and effectively at our facilities,” the nonprofit said in a statement on its Facebook page. (Scripps’ website was still down by press time on Tuesday morning.)
Meanwhile, Midwest Transplant Network, a Kansas-based organization that connects organ donors with recipients, said it had been working to determine if patients’ personal health data had been affected by a recent breach. NPR affiliate KCUR reported that some 17,000 people have been affected by the apparent ransomware attack on the organ transplant organization in which the perpetrators obtained some health information on deceased donors and organ recipients.
“There is no evidence that the exfiltrated data has been misused or distributed by the cybercriminals,” Midwest Transplant Network said in a statement.
The two incidents underscore how, more than a year into a pandemic that has cost more than 3 million lives globally, cybercriminals are still disrupting the networks of health organizations of various sizes. By the first week of December 2020, there were nearly double the amount of publicly reported ransomware attacks on health care providers compared to all of 2019, according to threat intelligence firm Recorded Future.
The string of hacks prompted cybersecurity professionals around the world to volunteer their time to try to protect health care providers. While those volunteers managed to alert many organizations of vulnerabilities, ransomware gangs continued to target the health sector, culminating in a wave of intrusions of U.S. hospital networks in October.
“Extensive cyber vulnerabilities across the healthcare industry create potentially lucrative targets for malicious ransom-seeking actors, driving the significant increase in attacks against health care facilities,” says a report released last month by the Ransomware Task Force, a collaboration of government and industry experts. The task force recommended that U.S. prosecutors prioritize and seek harsher punishments for ransomware cases that threaten public health and safety.