MedStar reports IT systems being restored after hack

The 10-hospital system attributed the cyber attack to malware and said it shut down its IT systems to protect them; provider now working with law enforcement to determine the source of the attack.


MedStar Health reported “significant progress” in restoring information systems that were crippled by a cyber attack on Monday.

In a statement released Tuesday afternoon, the organization said it hoped to restore operations with most of its systems by the end of Tuesday. The statement attributed the incident to malware. “At the early signs of an issue, our team quickly made a decision to take down all of our systems as a precaution and to ensure no further corruption,” the system said.

“With few unique exceptions, all of our doors remain open,” the 10-hospital delivery system said in its comments, responding to published reports that some patients had been turned away from services.

MedStar said it was using backup systems, including paper documentation “as an additional layer of support to our clinical operations.”

Outside enforcement agencies, including the FBI, are participating in the investigation of the cyber attack. “We will continue to partner with experts in the field of IT and cybersecurity, as well as law enforcement, to continually assess the situation as we safely restore functionality,” MedStar said.

The integrated delivery system, based in Columbia, Md., and the largest healthcare provider in Maryland and Washington, D.C., again affirmed that patient information has not been compromised or stolen. “Patient information will not be added to any system without ensuring it is completely free of any and all viruses and security threats,” its statement said.

“Despite the challenges affecting MedStar Health’s IT systems, the quality and safety of our patients remains our highest priority, which has not waned throughout this experience,” said Stephen R.T. Evans, MD, MedStar’s executive vice president of medical affairs and chief medical officer. “Fortunately, the core ways in which we deliver patient care cannot be altered, manipulated or harmed by malicious attempts to disrupt the services we provide.”

Also See: Providers should assess breach readiness after MedStar hack

“Thanks to the expertise and dedication of our clinical and IT teams, we are addressing the current issue in an expeditious and thoughtful manner,” says Kenneth A. Samet, MedStar’s president and CEO, in the release.

The MedStar statement did not address the exact nature of the attack, which many experts attribute to a ransomware-style hack. Healthcare organizations have been the subject of an increasing number of these attacks, which use software to lock access to information or computers until a “ransom” is paid to unlock the data.

“Ransomware is quickly becoming a significant threat to the availability of the IT infrastructure of organizations of all industry areas and sizes,” says Wolfgang Kandek, chief technology officer of Qualys, an information security firm. “In order to minimize the susceptibility to ransomware, IT managers need to harden their users’ workstations, as these are the main targets of the attacks.”

The rising number of ransom-based attacks against healthcare organizations shows the need for increased vigilance, says Cris Thomas of Tenable, one of the firm’s security experts.

“With six hospital systems attacked across the United States, the healthcare industry has emerged as the clear target of choice for ransomware cyber criminals,” he said. “Ransomware viruses such as Locky and Samas are serious threats on their own, but the repeated successes hackers have enjoyed using this tactic is also a symptom of a bigger problem with U.S. healthcare cybersecurity.”

The cyber attack against MedStar shows the need for the Department of Health and Human Services to implement key provisions of the Cybersecurity Information Sharing Act of 2015, said Sen. Lamar Alexander (R-Tenn.), chairman of the Senate Committee on Health, Education, Labor and Pensions.

Alexander contends that a Senate health committee provision in the cybersecurity law would ensure HHS gives hospitals clear information on ways to prevent hackings and put someone at the agency in a central role for responding to cyber attacks

“The consequences of cyber attacks like yesterday’s hacking at MedStar Health can be catastrophic for America’s patients,” Alexander said. “Congress has passed a law to help keep hospitals and patients safe from these malicious attacks – calling for Health and Human Services to give hospitals and doctors clear information on the best ways to prevent a hack in the first place and putting someone at the agency on the flagpole if a cyber attack occurs. Yesterday’s attack, which, unfortunately, is not unique, shows the need for HHS to implement the law with the urgency patients and hospitals deserve.”

More for you

Loading data for hdm_tax_topic #care-team-experience...