New ransomware attack forces hospitals to turn away patients
Allscripts, a provider of electronic health record (EHR) technology to hospitals, was hit by ransomware this week, provoking an outage that affected thousands of physicians” practices and healthcare providers across the United States.
Allscripts reportedly handles data for 180,000 physicians, 100,000 electronic prescribing physicians, 40,000 in-home clinicians, 2,700 hospitals, 13,000 extended care organizations and 7 million patients across the country. Besides EHR tools, it develops and sells solutions for patient engagement and care coordination, as well as financial and analytics technology.
Early this week, the company confirmed to partnering hospitals that it fell victim to a ransomware attack that crippled its systems.
Ransomware is malware that encrypts data on the endpoints it infects. If successful, the malware displays a note demanding payment â€“ in the form of untraceable digital currency â€“ in exchange for decrypting the data.
As reported by Healthcare IT News, facilities relying on their own server were less severely affected than those relying on cloud-hosted services and applications supplied by Allscripts.
Cleveland”s News 5 confirmed this with doctors at Pulmonary Physicians in Canton. Because of the Allscripts outage, the office has not been able to access vital patient information, and is forced to turn away its patients.
Like Hancock Health and Adams Memorial, Allscripts was apparently hit by the same type of ransomware â€“ albeit a slightly different strain â€“ dubbed SamSam. It emerged in 2016 and specifically targeted the healthcare industry.
SamSam spreads through the web and Java apps, and specifically targets external-facing RDP servers. It relies on unsophisticated techniques (i.e. brute force tools) to guess weak passwords and make its way into the network. Thanks to a wormable component, once it makes its way inside, it spreads laterally to infect other vulnerable systems.
David Finn, an executive at consulting firm CynergisTek, points out that organizations use endpoint protection tools but forget to lock up servers with antimalware solutions.
“It needs to be on all of your endpoints. We sometimes forget about those servers being endpoints,” said Finn.
Allscripts has not yet issued a public statement on the attack.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021