This article is from the source 'washpo' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.washingtonpost.com/local/likely-ransomware-cyberattack-still-crippling-medstar-health-computers-at-some-hospitals/2016/03/30/a82c9fa8-f687-11e5-8b23-538270a1ca31_story.html
The article has changed 5 times. There is an RSS feed of changes available.
| Version 2 | Version 3 |
|---|---|
| Likely ransomware cyberattack still crippling MedStar Health computers at some hospitals | Likely ransomware cyberattack still crippling MedStar Health computers at some hospitals |
| (about 3 hours later) | |
| Hospitals throughout MedStar Health’s network of facilities continued to face problems with their online systems Wednesday, two days after a cyberattack crippled the health-care giant’s email and patient records databases. | |
| “Our electronic medical records system is working,” spokeswoman Ann Nickels said. “Individual work stations may not be working.” | |
| MedStar also issued a statement Wednesday saying that “the three main clinical information systems supporting patient care are moving to full restoration, and enhanced functionality continues to be added to other systems.” | |
| What systems worked and where, however, was inconsistent, according to staff reached by The Post. | |
| “In the in-patient units that I’m aware of, everything is off. The computers are off,” said Stephen Frum, a labor representative for National Nurses United who has worked closely with MedStar for 15 years. “The system may be working, but if no one can access it, what use is that?” | “In the in-patient units that I’m aware of, everything is off. The computers are off,” said Stephen Frum, a labor representative for National Nurses United who has worked closely with MedStar for 15 years. “The system may be working, but if no one can access it, what use is that?” |
| The $5 billion health-care provider, which operates 10 hospitals and more than 250 outpatient facilities in the Washington region, has contended with the crisis since early Monday, frustrating both patients and staff members who asserted that the problems have been worse than MedStar has acknowledged. | |
| On Wednesday morning, The Post surveyed emergency departments at nine MedStar hospitals, and staff at four of them — including Georgetown University Hospital and Good Samaritan Hospital in Baltimore — said their computers remained offline. Two hospitals refused to say. The rest indicated that some systems and computers worked while others didn’t. | |
| A psychologist who works in an outpatient facility in the District said staff in her office were able to access the primary medical records database, but still had to fax prescriptions. At MedStar Washington Hospital Center, an emergency room nurse said that by Wednesday afternoon her department was “almost fully functional,” but other floors “still have no access to any systems.” | |
| Still, MedStar officials said that they had “continued to provide care approximating our normal volume levels,” according to a press release Wednesday afternoon. They estimated that the system’s medical personnel had seen more than 6,000 patients and performed 782 surgeries since Monday. | |
| [MedStar Health turns away patients after likely ‘ransomware’ cyberattack] | [MedStar Health turns away patients after likely ‘ransomware’ cyberattack] |
| MedStar officials have refused to characterize Monday’s cyberattack as “ransomware,” a virus that holds systems hostage until victims pay for a key to regain access. But a number of employees reported seeing a pop-up on their computer screens seeking payment in bitcoins, an Internet currency. One woman who works at MedStar Southern Maryland Hospital Center sent The Post an image of the ransom note, which demanded that the organization pay 45 bitcoins — equivalent to about $19,000 — in exchange for the digital key that would release the data. | |
| “You just have 10 days to send us the Bitcoin,” the note read, “after 10 days we will remove your private key and it’s impossible to recover your files.” | “You just have 10 days to send us the Bitcoin,” the note read, “after 10 days we will remove your private key and it’s impossible to recover your files.” |
| The cyberattack is being investigated by the FBI just weeks after similar viruses infected other hospitals in Kentucky and California. | |
| The health-care industry is considered particularly vulnerable to ransomware attacks, but they are on the rise everywhere as more victims pay up. In a nine-month period in 2014, the FBI investigated 1,838 complaints of such attacks, which cost those targeted more than $23.7 million. In 2015, agents investigated 2,453 complaints, costing targets $24.1 million. | |
| [These hackers can hold a town hostage. And they want ransom in bitcoin.] | |
| On Tuesday, Nickels said that MedStar’s facilities, which stretch from Arlington to Baltimore, have operated safely throughout the crisis. | |
| But some patients had their appointments cancelled on Monday and Tuesday, and two nurses and a doctor described serious challenges treating patients without access to sophisticated computer systems and records. | |
| Medical staff were forced to rely on seldom-used paper records that had to be faxed or hand-delivered. Paper charts are far less comprehensive than those kept in digital form. They can be missing vital pieces of patient information: complete medical histories, every drug prescribed, allergies to medicine and treatment plans. | Medical staff were forced to rely on seldom-used paper records that had to be faxed or hand-delivered. Paper charts are far less comprehensive than those kept in digital form. They can be missing vital pieces of patient information: complete medical histories, every drug prescribed, allergies to medicine and treatment plans. |
| “It’s really a very difficult situation to deal with,” said one doctor who works for MedStar at a Disrict location. “It’s a serious warning to other health-care systems.” |