Three years after Steven Spielberg’s first blockbuster hit, Jaws 2 was released with one of the most memorable taglines in movie history: “Just when you thought it was safe to go back into the water.” The thinking was that the passage of time would allow the mind to ease back into its previous patterns where safety and security are the norm. Everything is going to be fine—even in five feet of saltwater.
A Scary Sequel
It wasn’t that long ago when the cyberattack against Change Healthcare caused a massive disruption in the hospital and medical sectors. Certain functions, including payment processing, were affected across the payer spectrum. The ripple effect lasted for months, but entities were able to eventually pivot to certain workarounds that helped to ease the crisis over time.
Now, however, just as we are emerging from the detrimental effects of the Change event, comes a new attack. This time, it involves a nation-wide hospital system. Last week, Ascension, which employs approximately 134,000 associates, has 35,000 affiliated providers and 140 hospitals in 19 states, announced that it was hit by a ransomware attack in a statement this past Saturday. The nonprofit health system said it had notified law enforcement and government agencies, including the FBI, the Cybersecurity and Infrastructure Security Agency and the U.S. Department of Health and Human Services (HHS).
Ascension detected “unusual activity” on some technology network systems last Wednesday. It launched remediation efforts, including working with Mandiant, a Google subsidiary and cybersecurity company, to assist with an investigation and determine if data was breached, according to a report in HealthcareDive. Several sources said the type of ransomware used in the attack against Ascension is known as "Black Basta," which has been repeatedly used to attack healthcare organizations in recent years, according to a report in Pensacola News Journal.
The Extent of Damage
In the wake of the cybersecurity incident, which began on Wednesday and which shut down critical processes, several of the health system’s hospitals began diverting ambulances for emergency services and placing a pause on certain elective services. We also understand that Ascension’s electronic medical record (EMR) system, patient portal and some phone systems were unavailable for at least a day following the attack. In addition, various systems that the health system uses to order certain tests, procedures and medications are also down, according to one of the accounts of this event.
Ascension has not provided any information regarding a potential data breach. According to its website, the health system is still continuing to work with internal and external experts, as well as with law enforcement agencies, to determine the full scope of the attack, including whether any sensitive information was affected.
The Outlook
According to a statement released by an Ascension spokesperson, the company reacted immediately to the attack by initiating an investigation while simultaneously employing remediation efforts. The statement went on to address its current workaround in light of the cyber incident:
It is expected that we will be utilizing downtime procedures for some time. Patients should bring to their appointment notes on their symptoms and a list of current medications and prescription numbers or the prescription bottles so their care team can call in medication needs to pharmacies.
As of Saturday, Ascension did not have a timeline for system restoration. As with the Change cyberattack and other similar attacks in recent months, it would be reasonable to proceed on the assumption that some systems will remain compromised or nonfunctioning for some time in the several hospitals of the Ascension system. So, just when you thought it was back to business as usual, here comes this latest reminder that danger is still out there, it can create a great deal of havoc in its wake, and not everything is serene beneath the surface.