Weeks after malware disruption, New York hospital is getting back online
For three weeks, a 290-bed medical facility in upstate New York has been grappling with a cybersecurity incident that prevented doctors from accessing patients’ electronic medical records (EMRs).
The EMRs and payroll and accounting systems are now back online, the Samaritan Medical Center said in a statement Wednesday, but restoring the entire computer network will still take time. The not-for-profit Watertown, New York, institution — which says it generates $395 million annually in economic activity — blamed a “malware attack” for the disruption. There was no evidence that patient data had been compromised.
It was unclear who was responsible for the attack. A facility spokesperson did not respond to multiple requests for comment.
The incident highlights how malicious cyber-activity has continued to disrupt IT systems in the health sector as it fights a global pandemic. Multiple ransomware attacks have hit pharmaceutical or biomedical firms working on coronavirus treatments, while health care providers in Europe and the U.S. have had to recover from separate hacking incidents. Outrage and condemnation from world leaders have done little, if anything, to deter the attacks.
Cybercriminals are taking “advantage of fatigue and uncertainty within the healthcare community caused by COVID-19 to try to increase the success of their attempts,” said Mitch Parker, executive director of information security and compliance at Indiana University Health. The greater need to use electronic medical records and technology to support remote work during the pandemic has also increased the risk of cyberthreats, Parker added.
For Samaritan, the recovery process has been gradual. Since the medical center announced July 29 it was dealing with a “potential security incident,” multiple emails to Samaritan personnel have been rejected because of network errors, and CyberScoop has primarily been communicating with the medical center through its Facebook account. Samaritan now says its website and phones are working.
Samaritan, which is the largest hospital in its region of northern New York, said it was still caring for patients throughout the ordeal but that it was forced to reschedule “a limited number of non-urgent patient procedures.”
