Info expected to emerge slowly in hospital chain cyberattack
Officials are continuing to decline to reveal new details surrounding an apparent cyberattack on one of the largest health systems in the U.S. It's a situation that security experts say often takes time to learn the full scope of the attack
CHICAGO (AP) — Details of an apparent cyberattack on one of the largest health systems in the U.S. were slow to emerge as security experts on Friday warned that it often takes time to assess the full impact on patients and hospitals.
Earlier this week, CommonSpirit Health confirmed it experienced an “IT security issue” but it has yet to answer detailed questions about the incident, including how many of its 1,000 care sites that serve 20 million Americans may have been affected. The health system giant, which is the second largest nonprofit health system in America, has 140 hospitals in 21 states.
“It actually takes a while to fully know the scope because you’re in the middle of trying to restore all your systems,” said Allan Liska, an analyst with the cybersecurity firm Recorded Future. “You’re trying to get patient care up and running. You’re trying to get your nurses and your doctors back to the systems they need.”
Healthcare organizations are an appealing target for cyber attackers — particularly those who use malware to lock up a victim organization's files and leverage the information for a payment. Ransomware has remained a persistent threat for the industry, which is among the 16 sectors the U.S. government classifies as critical infrastructure.
