Cyber attack hits Ascension hospitals (drops them “back into the 80s”)

Bengraven · May 9, 2024

140 hospitals. 19 senior care facilities.

All struggling to do their jobs and help their patients.

Cyberattack hits Ascension hospitals' computer networks: 'It's affecting everything'

"It's affecting everything," a doctor said when computer networks shut down at 15 Ascension Michigan hospitals amid a national cybersecurity breach.

www.freep.com

Ascension hospitals were hit Wednesday by a cyberattack that disrupted its computer network which continued to affect its clinical operations Thursday morning, leading the nonprofit, St. Louis-based health system to urge its business partners to sever online connections to its system.

"We detected unusual activity on select technology network systems, which we now believe is due to a cyber security event," Ascension said in a statementposted on its website. "At this time we continue to investigate the situation. We responded immediately, initiated our investigation and activated our remediation efforts. Access to some systems have been interrupted as this process continues.

Our care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible. There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption."

Employees noticed the computer network problems about 7 a.m. Wednesday, said three workers who spoke on the condition of anonymity out of fear of job repercussions.

"There was a security concern, so they shut down the system," one physician told the Free Press. "It's affecting everything."

Another Ascension Michigan doctor said: "We have no access to medical records, no access to labs, no access to radiology or X-rays, no ability to place orders.

"We have to write everything on paper. It's like the 1980s or 1990s. You go to the X-ray room to look at the X-rays on film, you call the lab they tell you what the results are over the phone. So it's just much more cumbersome, but we do have training for these moments."

I've known about this for a couple days but since its on GMA and the news I figured it would be a good time to post.

My wife works at an Ascension hospital. She says: "They are demanding a ransom. Ascension knew this was coming and didn't do enough to prevent it. Now we literally have everything down. Time clocks, charts, security cameras. Everything….Everyone is freaking out. We have all the cases but can't even print out a preference card to pull the case because it has patient information on it. We are so fucked. All the nurses are scrambling trying to chart on paper. All the doctors have to chart and dictate on paper. It's mayhem".

They'll likely end up just getting paid whatever their last week's paycheck is, she says.

Zimmiwood · May 9, 2024

It's one thing to target corporations but it's a whole other level of special scumbaggery to go after hospitals in any form...just wow

Bengraven · May 9, 2024

Zimmiwood said:
It's one thing to target corporations but it's a whole other level of special scumbaggery to go after hospitals in any form...just wow

Personally, I know their management isn't the greatest and it's likely they had some severe vulnerabilities but yes. It's a hospital. You're not a "badass 1337 hacker" when you are literally causing issues with lives - you are possibly committing even more serious crimes.

Culex · May 9, 2024

Zimmiwood said:
It's one thing to target corporations but it's a whole other level of special scumbaggery to go after hospitals in any form...just wow

Is ingenious on a pure evil scale. Hospital really has no choice but to pony up a ransom vs many other corps.

Doskoi Panda · May 9, 2024

it's basically impossible to overstate how stressful this is for everybody involved. attacks like this have been hitting every rung of the medical industry over the last few years. more should be done to prevent them - better training that emphasizes strict preventative measures, systems and security upgrades, etc. but it's a cat and mouse game, and with money on the line, i've got a feeling that this sort of thing is just going to keep on happening.

Gwarm · May 9, 2024

Ascension laid off 650+ application analysts for their EHR a couple of years back so they could outsource support to a third party consulting firm with a terrible reputation. I'm not saying this has anything to do it with, but it sure can't be helping.

Kuga · May 9, 2024

And let me take a wild guess: the IT and IS teams have been begging the C-suites for years on personnel/funding for cybersecurity issues to little avail.

Gwarm · May 9, 2024

Kuga said:
And let me take a wild guess: the IT and IS teams have been begging the C-suites for years on personnel/funding for cybersecurity issues to little avail.

Probably, before they fired them all!

Bengraven · May 9, 2024

Doskoi Panda said:
it's basically impossible to overstate how stressful this is for everybody involved. attacks like this have been hitting every rung of the medical industry over the last few years. more should be done to prevent them - better training that emphasizes strict preventative measures, systems and security upgrades, etc. but it's a cat and mouse game, and with money on the line, i've got a feeling that this sort of thing is just going to keep on happening.

My wife is struggling right now. And something similar already happened a year ago and I believe they paid the ransom. So it will likely become a thing.

Gwarm said:
Ascension laid off 650+ application analysts for their EHR a couple of years back so they could outsource support to a third party consulting firm with a terrible reputation. I'm not saying this has anything to do it with, but it sure can't be helping.

It's a mismanaged corporation from the top down. I've been kicking the company for years due to their constant hiring freezes. Everyone from medical staff to management is overworking themselves because they refuse to hire. Everyone does 2-3 jobs. And when they ask for more help the company says they can't afford it.

Meanwhile their doctors and upper management are fucking rolling in cash.

Kuga said:
And let me take a wild guess: the IT and IS teams have been begging the C-suites for years on personnel/funding for cybersecurity issues to little avail.

I couldn't even tell you. My wife has seen like one IT guy over the last few months at her hospital.

ManNR · May 9, 2024

Not to cause undo alarm but an article I read earlier this week comes to mind: https://theconversation.com/taiwan-...y-the-world-should-be-paying-attention-225677

Edit: article is about the literal billions of cyber-attacks Taiwan has been dealing with (around 5 million a day) and how the rest of the world, especially America, needs to know what is coming.

Nassudan · May 9, 2024

Gwarm said:
Probably, before they fired them all!

And replaced with offshore contractors with little to no benefits and a barely livable wage.

Bengraven · May 9, 2024

Ascension hospital cyber attack disrupts patient's visit for potential cancer diagnosis

Zackery Lopez is awaiting the results of a potential cancer diagnosis amid a massive cyber security breach that has affected over a hundred Ascension hospitals.

www.fox2detroit.com

A patient at Ascension Providence checked himself into the Southfield hospital this week amid fears that his cancer had returned. Instead, he found himself witnessing the fallout from a cyber attack that targeted more than a hundred hospitals around the U.S.

The chaos was on display Wednesday while Zackery Lopez waited hours for pain medication - a request that went unanswered for seven hours before a nurse finally brought him some relief.

During that time, Lopez said he saw patients checking themselves out of Ascension Providence, located on Nine Mile.

"Right now it is crazy. Nurses are running around. Doctors are running around. There's no computers whatsoever they can use," he said. "So, they're actually using charts."

winjet81 · May 9, 2024

Just reading this thread it's sad that lax IT security may be a result of a for-profit health care model that values $$$ over workers and patients.

The Lord of Cereal · May 9, 2024

This is probably only the beginning. My parents are both nurses and between the three hospitals they work at, only one of them actually has a competent security system, and that's only because they found out the hard way when they were hit with a ransomware attack.

Hospitals across the country are being destroyed by dumbass executives who don't know how to run a hospital…

Pomerlaw · May 9, 2024

These attacks aren't that easy to prevent. Users are the number one vulnerability no matter how great your security systems are. Dangers remain. We have whole countries working to undermine our democracies and this is one way to do it.

GulAtiCa · May 9, 2024

Pure evil.

SaberVS7 · May 9, 2024

Zimmiwood said:
It's one thing to target corporations but it's a whole other level of special scumbaggery to go after hospitals in any form...just wow

It's usually terrorists from Russia committing these cyberattacks on infrastructure. The possibility of getting Americans killed is the point.

Bengraven · May 9, 2024

The Lord of Cereal said:
This is probably only the beginning. My parents are both nurses and between the three hospitals they work at, only one of them actually has a competent security system, and that's only because they found out the hard way when they were hit with a ransomware attack.

Hospitals across the country are being destroyed by dumbass executives who don't know how to run a hospital…

I worked for a cardiac clinic years ago that was managed by a third party. It was the worst fucking job I've ever had in my life. Management demanding shit without knowing the industry. Sexual and physical assault being overlooked (which is an issue at my wife's hospital too). Fucking horrible. I was the hardest working and arguably most ethical person in the dept and I got fired because some middle manager asshole decided I wasn't scheduling enough of the high value surgeries. I was fielding 100 calls a day for 9 hours a day and going nuts from the constant harassment to work harder.

Fucker that fired me was literally reading a spreadsheet upside down one time.

Randomly Generated · May 9, 2024

winjet81 said:
Just reading this thread it's sad that lax IT security may be a result of a for-profit health care model that values $$$ over workers and patients.

I work at a nonprofit that was hit by a ransomeware attack. I think the reality is that everywhere outside top tech companies and certain branches of the government have terrible IT security and it's only a matter of time until they're hit.

duxstar · May 9, 2024

Yet its hard to get a cybersecurity job right now and everyone in IT pretty much agrees the job market sucks. I would've loved a security job in a hospital after getting out of school with 2 + years of experience and willing to pay me decently instead I ended up getting into networking when I actually went to school for Cyber

The issue is the way to stop shit like this is User Training, and also Complex Programs that track movement through a network that a lot of these hospitals don't see as useful or needed, and are probably letting technology with vulnerabilities stay in the hospital because they do not want to "spend" for new computers.

Cyber attack hits Ascension hospitals (drops them “back into the 80s”)

Bengraven

Powered by Friendship™

Cyberattack hits Ascension hospitals' computer networks: 'It's affecting everything'

Zimmiwood

The Wise Ones

Bengraven

Powered by Friendship™

Culex

Doskoi Panda

One Winged Slayer

Gwarm

Kuga

Gwarm

Bengraven

Powered by Friendship™

ManNR

Nassudan

Bengraven

Powered by Friendship™

Ascension hospital cyber attack disrupts patient's visit for potential cancer diagnosis

winjet81

The Lord of Cereal

#REFANTAZIO SWEEP

Pomerlaw

Erarboreal

GulAtiCa

Community Resettler

SaberVS7

Bengraven

Powered by Friendship™

Randomly Generated

duxstar