A cyberattack has impacted hospital systems for over 4 weeks, preventing patients from receiving medical records and leaving providers confused and concerned.
The Attack That Won’t End
A network outage began on January 31st at Ann and Robert H. Lurie Children’s Hospital of Chicago, impacting various components of the hospital’s network. It’s been nearly three weeks, and the organization has yet to fully recover.
Lurie is the largest hospital in the Chicago area and has received numerous awards for patient care. Yet the attack has devastated their ability to serve patients.
According to a news report, the outage initially shut down Lurie’s network and impacted email, phones, and some other electronic systems. The hospital was able to remain operational, but staff and patients faced difficulty with scheduling, accessing medical records, and finding prescription history.
Lurie’s most recent update on February 14th stated that inbound and outbound email was finally restored, as well as the majority of phone lines. Still, some phone lines remain offline and MyChart, an online software system used to access medical records and send secure messages, is currently non-operational.
Patients at Lurie can expect procedures and appointments to run as scheduled. The hospital did state that the restoration of their academic medical center’s network was ongoing.
Lurie Children’s has established a call center to help patients affected by the downed networks.
A Nightmare Felt Across Chicago
The impact of the Lurie attack has been major–from being unable to process payments to sending young patients to other nearby hospitals. Yet, as reported by the Chicago Sun, patients sent elsewhere have difficulty providing their medical treatment history to new providers.
Lurie is also known as a safety net for low-income patients. One doctor who frequently works with Lurie patients expressed concern that some patients could fall through the cracks when it’s time to reschedule appointments.
While Lurie faces the biggest challenges, other affiliated pediatricians and medical organizations are also having difficulty with some services, including billing and accessing patient records.
For the most part, Lurie has remained tight-lipped about the situation. While the outage began on January 31st, the hospital publicly acknowledged it was related to cybersecurity issues on February 4th.
Ransomware Speculations
Now, there are speculations that LockBit, a notorious ransomware organization, may be behind the attack. While the connection has not yet been confirmed, CBSN noted that LockBit has taken credit for a similar outage in a different part of Chicago.
U.S. Attorney for the District of New Jersey, Philip Sellinger, vowed to find a digital trail for the attack to determine who may have been responsible.
Yet, if LockBit is responsible for the attack, it could mean Lurie can resolve it sooner rather than later. Recently, in a joint effort across 11 countries, several front-facing LockBit websites were taken down. Multiple suspects were also apprehended in New Jersey. The efforts will largely disrupt LockBit’s ability to steal data.
On top of this, the FBI, in conjunction with the United Kingdom, has successfully developed a decryption tool that could allow victimized organizations to retrieve their data.
What The Experts Are Saying
On Lurie’s website, the healthcare organization said, “Lurie Children’s is actively responding to a cybersecurity matter. We are taking this very seriously, are investigating with the support of leading experts, and are working in collaboration with law enforcement agencies.”
Regarding how patients were impacted, Dr. Andy Bernstein of North Suburban Pediatrics who frequently communicates with Lurie said, “At first, we had some patients having trouble communicating with their specialists, but we were able to back-channel that in a couple of ways.”
Brett Lederman, deputy assistant director for cyber operations at the FBI, agrees that LockBit could be involved in the attack. “The group has been indiscriminate in their targeting–exploiting organizations affiliated with government agencies, hospitals, schools, to high-profile global companies,” he said.
What’s Next
For Lurie Children’s Hospital, the situation remains tense. With certain operations still nonfunctional, the hospital will likely face further repercussions.
Hospitals are extremely interconnected, and this situation highlights how one downed network can have an impact beyond the immediate organization.
While Lurie is still able to treat patients, attacks on hospitals can wreak financial and legal havoc. According to CNN, some hospitals victimized by cyberattacks have been ultimately unable to quickly recover. In 2023, for instance, an attack forced ambulances to reroute to different hospitals because of the attack. Other hospitals have buckled under the financial impact, forced to close because of the costs associated with recovery and restoration.
How Cloudticity Can Help
Ransomware attacks against hospitals were up 46% in 2023. These attacks can be devastating, as clinicians and patients can’t access health record data during an attack using traditional solutions.
Cloudticity and Sapphire Health are changing that. With a new solution for Epic EHR on AWS, we’re helping organizations access production EHR data, while still defending against the attack. So hospitals can continue treating patients, scheduling appointments, and providing data-driven care without compromising patient data.
Learn More in this Blog: Ransomware Resiliency with Epic on AWS
If you want to learn more about the ransomware solution, reach out for a free consultation today.