Ransomware attack forces DCH Health Systems to turn away patients
DCH Health Systems is turning away all but the most critical patients from its three hospitals in response to its computer network being rendered unusable by a ransomware attack.
One day prior several hospital’s in Australia were also forced offline by a ransomware attack.
The attack hit DCH on October 1 prompting the Alabama hospital network to implement emergency procedures. DCH has only given out a limited amount of information with no mention of how far the ransomware spread or if there has been a ransom demand.
While the attack
has impacted DCH’s ability to accept new patients, we are still able to provide
critical medical services to those who need it. Patients who have non-emergency
medical needs are encouraged to seek assistance from other providers while DCH works
to restore its systems,” the facility said on its Facebook page.
DigitalMunition has attempted
to contact DCH for additional information.
Felix Rosbach, product manager at comforte AG, told DigitalMunition
that due to the highly sensitive nature of medical information many providers
are unwilling to trust it to outside, cloud-based organizations, but he noted
there are procedures and technology available that will protect his data.
“The fact that hackers target hospitals shows they have no
remorse for the desperate patients who seek aid. Hospitals contain some of the
most sensitive information we have, such as medical records, payment
information and other personal identifiable information. The adoption of a data
centric security approach, protecting sensitive data with pseudonymization
technology like tokenization, allows organizations to embrace modern technology
like hybrid or multi-cloud computing while still being compliant and secure.
This results in more options for fallback and less risk when it comes to
ransomware attacks.”
J.J. Thompson, Sophos’ senior director of managed threat
response, agreed.
“Ransomware is foreseeable and preventable. Organizations need to have effective, advanced protection in place at every state of an attack. The techniques, tactics and procedures that occur prior to a ransomware incident can and should be detected by existing security capabilities and are foundational pillars to the patient care model in healthcare 4.0. It’s also important to have off-site backups to reduce the pressure to comply with expensive ransom demands and to be able to recover faster,” he said.
Australia’s Department of Premier and Cabinet reported on September 30 the information technology systems at a number of hospitals and health services in Gippsland and south-west Victoria were hit with ransomware.
To combat the attack some systems have been shut down and where practicable staffers have switched paper record keeping and some procedures are being rescheduled.
Gloss