News Insights: Ransomware-hit hospitals in US turn away patients

Ransomware-hit hospitals in US turn away patients

Three hospitals in Alabama were forced to close their doors to all but the most critical new patients.

Ransomware-hit hospitals in US turn away patients

Three hospitals in Alabama have been shut down—and lives potentially have been put in danger—by ransomware attacks this week. This is the new norm, unfortunately, for many pieces of critical infrastructure including cities and healthcare organizations

News Insights:

“The recent ransomware attacks to hospitals in Alabama herald an unsettling future, where the lines between the physical and digital domains are blurred. As the entire world comes online, modern cyber-threats threaten not just our most sensitive data, but also the very infrastructure we rely on to ensure our safety. And with the ramifications of these attacks bleeding into physical operations and safety, now is the time for organizations to fundamentally change tact. These machine-speed threats require defenses that act just as fast – the WannaCry ransomware in 2017 was only successfully stopped using AI technology. We’re in a brave new world of cyber – and intelligent, autonomous cyber AI has to be our first line of defense.” 

– Justin Fier, director for cyber intelligence and analysis, Darktrace

“The standard of due care is rising and healthcare boards need to act swiftly. The oath ‘do no harm’ takes on significant meaning when we see patients turned away by those they trust to help them in their time of need.

The unfortunate truth is that these hospitals aren’t alone. Hospitals and other types of healthcare organizations large and small are increasingly being targeted by stealthy cyber attackers with aggressive ransomware that brings the daily course of business to a standstill. Ransomware is one of the most widespread and damaging threats, as witnessed in other recent incidents like these in Alabama. Unlike municipalities or financial institutions that have also fallen victim, however, the risks in healthcare are more significant with patient lives on the line.

Ransomware is foreseeable and preventable. Organizations need to have effective, advanced protection in place at every state of an attack. The techniques, tactics and procedures that occur prior to a ransomware incident can and should be detected by existing security capabilities and are foundational pillars to the patient care model in healthcare 4.0. It’s also important to have off-site backups to reduce the pressure to comply with expensive ransom demands and to be able to recover faster.

J.J. Thompson, senior director of managed threat response at Sophos


“It appears that many hospitals haven’t fully grasped that their IT systems are mission critical.  They need to take far more robust precautions to guarantee availability of their systems. Cybercriminals will continue to exploit security vulnerabilities in the healthcare industry, as there is a better chance of financial reward and return on their time investment. Whether the intent is to access patient data (which is valuable on the dark web) or collect a ransom, as long as these organisations remain easy targets, they’ll continue to be targeted.

“Hospitals cannot afford to be out of action for long, as lives are at stake. Whether downtime is a result of ransomware, human error or some kind of natural disaster, hospitals need to be well prepared and should not be in a position where outages can affect patient care to such a large extent.”

  • Matt Aldridge, Senior Solutions Architect at Webroot