Ransomware suspected in MedStar Health attack, experts say
MedStar has reported no information was compromised during the attack.
MedStar Health is still offline after a cyber attack rendered the non-profit healthcare provider's network unusable, although the organization said its facilities are up and running.
MedStar has not stated the situation surrounding its attack, but said on its Facebook page that a virus had hit its network preventing some users from logging on and using the system. It has taken its system offline to prevent the problem from spreading. MedStar runs 10 health facilities in the Maryland, Washington, D.C. area.
“We are working with our IT and Cyber-security partners to fully assess and address the situation. Currently, all of our clinical facilities remain open and functioning. We have no evidence that information has been compromised. The organization has moved to back-up systems paper transactions where necessary,” MedStar said on Facebook.
Networks temporarily shut down to prevent virus spread. We have no evidence of compromised information. All facilities remain open.— MedStar Health (@MedStarHealth) March 28, 2016
“Even though it has not been officially acknowledged by MedStar Health, chances are high that they had been infected by ransomware, the 2016 plague which seems to be targeting a lot of critical infrastructure like hospitals recently,” David Melamed, Senior Research Engineer, Cloudlock, told SCMagazine.com in an email Monday.
MedStar is the latest medical facility to be hit with a cyber incident. Over the last month several, including Henderson, Ky.-based Methodist Hospital, Hollywood Presbyterian Medical Center were hit with ransomware attacks.
Other industry executives noted that the increasing number of attacks on healthcare facilities is starting to impact public perception regarding the cyber security of the nation's health infrastructure.
“The speed with which this attack is seeing public coverage is evidence of the increasing frequency and familiarity of these attacks to the general public. These new attacks are becoming so frequent and disruptive that the general public cannot help but become more concerned,” said Jack Danahy, CTO and co-founder of Barkly, to SCMagazine via email on Monday.
The fact that Medstar Health and the others are so easily being taken down shows the health sector, despite increasing its efforts of late, needs to pick up its game even faster if it expects to no longer be considered an easy mark.
While we are seeing a lot of proactive effort going into cybersecurity in the healthcare space, they have a lot of catching up to do. Between this and the rash of hacks affecting PII in 2015, it's clear that they are on the attackers radar right now,” said Bugcrowd CEO and Found Casey Ellis to SCMagazine.com in an email.SCMagazine.com attempted to contact MedStar Health for further comment, but has not yet received a reply.