About a week after it suffered a crippling cyberattack, Lurie Children’s Hospital in Chicago is still struggling to restore its computer systems.
While the hospital is still operational, the outage has made it difficult for both patients and staff to access prescription history and medical records, besides making scheduling a challenge too.
The hospital’s phones, email, and other electronic systems have been affected by the shutdown. “We recognize the frustration of not having clarity on when this will be resolved”, it said in a statement it issued, adding that investigation and efforts to resolve the issue are underway.
The Nature of the Cyberattack Remains Unclear
The hospital has yet to share any details on the nature of the cybersecurity incident. It also did not reveal whether the perpetrators have demanded a ransom for unblocking the systems.
While Lurie first announced the outage on 3rd January, it wasn’t until the next day that the hospital acknowledged that it was linked to a cybersecurity incident.
Dr. Andy Bernstein, a pediatrician at North Suburban Pediatrics reported that patients were facing difficulties connecting with their specialists. However, the hospital was able to resolve the issue by back-channeling it.
To help restore connection for patients who are now unable to contact the hospital through their phone number and other electronic messaging systems, Lurie also established a call center later last week.
There has been a notable surge in cyberattacks against healthcare infrastructure in recent years. In 2021, St. Margaret’s Health in Spring Valley, Illinois had its computer systems affected for months due to a cyberattack, which also prevented it from filing insurance claims.
Another Illinois hospital was shut down in June last year, partly due to a cyberattack. This was the first time that a healthcare provider reported a cybersecurity incident as a reason behind its closure.
In another instance, a cyberattack on Thanksgiving Day last year diverted ambulances from East Texas hospitals. Additionally, hospitals in New Jersey, Oklahoma, and New Mexico were also forced to reroute ambulances.
It’s worth noting that all the hospitals affected in the cyberattack are owned, either partly or wholly, by Ardent Health Services. The Tennessee-based company owns over two dozen hospitals across 5 different states, which means a cyberattack on it can pose widespread harm and losses.
Experts Warn Parents of Cybersecurity Threats
While the hospital struggles to bring its systems back online, experts have issued warnings for parents to remain vigilant. Besides the direct inconvenience caused by the cyberattack, a potential data breach can also put sensitive patient information at risk.
Chicago-based Data Defenders Cybersecurity founder Cyrus Walker also revealed that officials working on resolving the issue are focusing on two things.
Identifying the hacker is no longer a priority – instead, the primary focus is to ensure that the threat actor no longer has any control over the environment.
The other priority is to get the systems back up and running again so that the hospital can resume providing critical healthcare services to patients in need.
Experts have, from time to time, issued serious warnings against cybercrimes. For instance, the FTC recently warned against scanning unknown QR codes, which is increasingly becoming a popular mode of cyber attack.
The UK Parliament’s Joint Committee on the National Security Strategy released a report warning that the country’s transportation, water & energy supply, telecommunications, and healthcare infrastructure are susceptible to a major cyber attack, which can bring the country to a standstill.
Such warnings only go to highlight the increasing threat of cyber-attacks, highlighting the need to stay vigilant.