You know how we say that hackers love to launch attacks during the holidays because that’s when most folks are distracted and in a hurry to begin their time off? Well guess what? There are already a few cyber attacks in the news just from this past Thanksgiving. Case in point, the recent ransomware attack that diverts ER ambulance services across multiple states.
In this episode:
Multi-state Cyber Attack Diverts ER Ambulances – Ep 436
Today’s Episode is brought to you by:
Kardon
and
HIPAA for MSPs with Security First IT
Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity.
Great idea! Share Help Me With HIPAA with one person this week!
Learn about offerings from the Kardon Club
and HIPAA for MSPs!
Thanks to our donors. We appreciate your support!
If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com
Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA
If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!
Thanks to our donors.
Multi-state Cyber Attack Diverts ER Ambulances
[04:38] We have covered multiple warnings published by multiple agencies before. And we all know the holidays are when cyber criminals like to attack. Well, the recent Thanksgiving holiday is no exception. This one is bad…. I mean, really bad.First, we saw that East TX ambulances were diverted from several hospitals in the area.
Tyler, Texas at UT Health East Texas which operates 10 hospitals and more than 90 clinics in the region so we are not looking at a tiny impact. That’s a big system for the region.
But wait, it gets worse.
It isn’t just East TX, there are way more areas dealing with the same attack under Ardent Health Services. Hospitals in multiple states diverting patients after Ardent Health Services hit with ransomware attack
The states affected include Texas (x2), Idaho, Kansas, Oklahoma, New Mexico, New Jersey. Ardent Health Services, which has headquarters in Nashville, TN, report that most of the hospital sites are shut down to some extent. They are diverting care and rescheduling elective surgeries. They even say that MyChart and On-Demand Video Visits are temporarily unavailable.
The ongoing status updates are on their website Data Security Update | Ardent Health Services The FAQ section includes this part:
How long will my hospital Emergency Room be on divert?
Each Ardent hospital continues to evaluate its ability to safely care for critically ill patients in its Emergency Room as we work to bring hospital systems back online. This is rapidly changing, and the status of each hospital will be updated as the situation improves.
That basically means they got nothing. They have no idea. But, that is normal, because they need time to figure out how bad the security incident is, how far it reaches, what is the actual crime scene, etc. These kinds of things usually take days. You can’t just reboot it and everything is back to normal.
[13:45] There have been at least three other diverting attacks this year.
August 2023 – Cyberattack forces hospitals to divert ambulances in Connecticut and Pennsylvania | CNN Politics
May 2023 – Cyberattack forces Idaho hospital to send ambulances elsewhere | CNN Politics
February 2023 – Apparent cyberattack forces Florida hospital system to divert some emergency patients to other facilities | CNN Politics
But wait there’s more!
[19:10] For those who think these kinds of things only happen to big hospital systems and it’d never happen to a small clinic like yours….Ransomware group leaks data allegedly from Granger Medical Clinic – No Escape ransomware gang said they have 38 GB of data and that if the $700,000 ransom wasn’t paid within 24 hours they’d post it all on the Dark Web.
[26:20] Henry Schein re-encrypted by BlackCat again – On October 15, Henry Schein disclosed that they were hit with a ransomware attack. Then during the Thanksgiving holiday weekend, they reported that they were hit again and their data was re-encrypted. Talk about “kicking them while they are down”! [30:38] AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC – Yep, you ready that right. The AlphV (Black Cat) ransomware gang reported MeridianLink to the SEC because they didn’t report the data breach where AlphV, themselves, attacked them.Ransomware gang claims to have stolen Crystal Lake Health Centers data
Mission Community Hospital issues notification for May 1 ransomware attack
Welltok data breach exposes data of 8.5 million US patients
Can’t stress it enough… Vet your vendors, folks.
Selecting one of the many cybersecurity frameworks is crucial. Start somewhere. Pick the NIST CSF or CISA’s CPGs or 405d’s HICP guides. Pick something and start there. For healthcare, the HICP guides are a great place to start and they are not too technical to understand. Again, if you can show you’re following Recognized Security Practices (HICP, NIST, etc), then OCR will take that into consideration because you are showing that you are taking reasonable steps to protect yourself. Don’t wait until you are a victim.
Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!
HIPAA is not about compliance,
it’s about patient care.TM
Special thanks to our sponsors Security First IT and Kardon.
