Wednesday, March 30, 2016

MedStar claims IT networks being restored after hack

MedStar Health claimed “significant progress” in restoring data systems that were hacked by a cyber attack on the day of Monday.


In a statement issued on the day of Tuesday afternoon, the agency said it expected to restore operations with most of its systems by the end of day Tuesday. The statement attributed the tragedy to malware. “At the initial signs of a problem, our team rapidly made a decision to take down all of our systems as a precaution and to make sure of no further corruption,” the system stated.


“With few distinctive exceptions, entire doors remain open,” the 10-hospital delivery system stated that in its comments, responding to issued reports that few sufferers had been turned away from services.


MedStar claimed that it was utilizing backup systems, involving paper documentation “as an extra layer of support to our clinical operations.”


Outside enforcement organizations, involving the FBI, are engaging in the investigation of the cyber attack. “We will sustain to partner with professionals in the field of IT and cybersecurity, as well as law enforcement, to continually assess the situation as we safely restore functionality,” MedStar said.


The integrated delivery network, deployed in Columbia, Md., and the greatest healthcare contributor in Maryland and Washington, D.C., again affirmed that patient data has not been compromised or stolen. “Patient data will not be added to any system without making sure that it is entirely free of any and all viruses and security threats,” its statement claimed.


“Instead of the challenges impacting the MedStar Health’s IT systems, the quality and safety of our sufferers remains our greatest priority, which has not waned throughout this experience,” stated Stephen R.T. Evans, MD, MedStar’s executive vice president of medical affairs and chief medical officer. “Fortunately, the significant ways in which we deliver patient care can’t be changed, manipulated or harmed by malicious efforts to disrupt the services we offer.”


“Thanks to the dedication of our clinical and Information Technology teams, we are dealing the present problem in an expeditious and precise manner,” claims Kenneth A. Samet, MedStar’s president and CEO, in the release.


The MedStar statement did not deal the exact genre of the attack, which many professionals attribute to a ransomware-style hack. Healthcare agencies have been the subject of these attacks, which utilize software to lock access to data or computers until a “ransom” is paid to unlock the information.


“Ransomware is rapidly becoming an important threat to the presence of the IT infrastructure of agencies of all industry places and sizes,” states Wolfgang Kandek, chief technology officer of Qualys, an information security firm. “In order to reduce the vulnerability to ransomware, IT managers require hardening their users’ workstations, as these are the primary targets of the attacks.”


The increasing number of ransom-based attacks against healthcare agencies shows the requirement for increased vigilance, claims Cris Thomas of Tenable, one of the firm’s security experts.


“With 6 hospital systems attacked across the USA, the healthcare organization has emerged as the obvious target of choice for ransomware cyber criminals,” he states. “Ransomware viruses like Locky and Samas are critical threats on their own, but the repeated victories of hackers have enjoyed utilizing this tactic is also a symptom of a greater issue with U.S. healthcare cybersecurity.”


The cyber attack against MedStar indicates the requirement for the Department of Health and Human Services to execute significant provisions of the Cybersecurity Information Sharing Act of 2015, stated Sen. Lamar Alexander (R-Tenn.), chairman of the Senate Committee on Health, Education, Labor and Pensions.


Alexander asserts that a Senate health committee provision in the cybersecurity law would make sure that HHS offers hospitals clear data on ways to stop hackings and put someone at the organization in a central role for responding to cyber attacks


“The results of cyber attacks like yesterday’s hacking at MedStar Health can be serious for America’s sufferers,” Alexander stated. “Congress has approved a law to assist to keep hospitals and sufferers safe from these malicious attacks – calling for Health and Human Services to offer hospitals and doctors clear data on the best ways to stop a hack in the 1st place and putting someone at the organization on the flagpole if a cyber attack happens. Yesterday’s attack, which, sadly, is not distinctive, indicates the requirement for HHS to apply the law with the urgency sufferers and hospitals deserve.”


No comments:

Post a Comment