Ontario Hospital Among Latest Healthcare Cyberattack Victims

Abraham Smith

Fraud management and cybercrime, healthcare, incident response and security breaches

Also: 2 US hospitals are still recovering from last week’s incidents

Marianne Kolbasuk McGee (HealthInfoSec) •
February 8, 2023

Ontario hospital among recent victims of healthcare cyberattacks
Ross Memorial Hospital in Ontario is recovering from a recent cybersecurity incident that impacted patient care. (Image: Ross Memorial)

An Ontario hospital says it is operating under significantly restricted conditions due to a cybersecurity incident that began over the weekend.

See also: Live Webinar | Navigating the difficulties of patching OT

Ross Memorial Hospital, a 183-bed Canadian community hospital in Lindsay, says in a statement posted to its website Tuesday that it declared a “Code Gray” late Sunday night.

Code Gray is activated when utilities such as electricity or water and critical IT systems fail in a hospital.

According to Ross Memorial, its technology team is working with third-party cybersecurity experts to investigate the incident.

“In the meantime, as quality patient care is our priority, we are managing our established protocols to maintain the continued delivery of our critical hospital services,” the hospital says. “Our system recovery plan is also underway and we are communicating with our local, regional and provincial partners on next steps.”

The hospital advises patients with “less urgent” conditions to consider alternative care options, such as

Long road to recovery

Recent cyber incidents of a similar magnitude reported by other hospital systems suggest it may be a while before operations at Ross Memorial return to normal.

A Florida hospital system that experienced an incident Thursday that resulted in emergency patients being redirected and systems being taken offline remains under “downtime procedures” and is still redirecting some patients to other facilities.

This unit, Tallahassee Memorial HealthCare, has resorted to using paper for work normally done with electronic processes, such as: B. Registration, admission and documentation of patient care, including prescriptions.

A Maryland hospital that confirmed last week that it was the victim of a recent ransomware attack is still unable to provide certain patient services while it recovers from the incident. As of Wednesday, Atlantic General’s outpatient medical imaging and walk-in laboratory services remained “temporarily closed until further notice” as the company deals with the incident (see: Wave of cyberattacks on healthcare reaches Florida and Maryland).

Thomas Cope, chief security officer at security firm Next DLP, says these recent incidents underscore the importance of all hospitals preparing for similar potential IT outages.

“First and foremost would be to review and test backup and recovery procedures so that if a hospital does come under attack, it has a clean system to fall back on,” he says.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *