Ascension hacked
Ascension, one of the largest non-profit Catholic health systems in the United States, has recently suffered a significant cyberattack impacting its operations across 140 hospitals in 19 states. The attack was detected on Wednesday, and it has caused widespread disruptions to clinical operations and patient care.
The cyberattack on Ascension was first noticed due to “unusual activity” on select technology systems. It has led to the shutdown of electronic health records, patient communication portals like MyChart, and various systems used for ordering tests, procedures, and medications. This disruption has forced the healthcare provider to revert to manual systems for patient care, reminiscent of pre-digital times.
The cyberattack has severely impacted patient care across Ascension’s network. Ambulances have been diverted, and non-emergent elective procedures have been temporarily suspended to prioritize urgent care. Patients have been advised to bring detailed notes about their symptoms and a list of medications to their appointments.
The type of cyberattack has been identified as a ransomware attack, specifically linked to the Black Basta ransomware group. Black Basta ransomware typically infiltrates networks through methods such as phishing emails, exploiting software vulnerabilities, or using compromised credentials.
Black Basta is a ransomware-as-a-service (RaaS) group that emerged in early 2022 and has been linked to several high-profile attacks. The group is known for its double extortion tactics, which involve encrypting the victim’s data and threatening to release it publicly if the ransom is not paid. This group has targeted various sectors, including healthcare, indicating a pattern of attacks against organizations with critical infrastructure.
Entry point or vulnerability exploited by the attackers includes initial access through phishing, exploitation of public-facing applications, the use of previously compromised credentials to gain deeper access to the network.
This incident is part of a larger trend of increasing cyberattacks on healthcare systems, which are particularly vulnerable due to the critical nature of their services and the valuable data they hold. The attack on Ascension highlights the ongoing challenges and the need for robust cybersecurity measures in the healthcare sector.
Ascension has engaged Mandiant, a cybersecurity firm and Google subsidiary, to assist in the investigation and remediation process. The focus is on investigating the breach, containing it, and restoring the affected systems. However, there is currently no timeline for when systems will be fully operational again.