All 14 centers of Kettering Health were affected by a massive ransomware attack
A massive ransomware attack has led to a “system-wide technology outage” across a network of Ohio medical centers under Kettering Health. Both inpatient and outpatient procedures have been called off for the time being. Their network was attacked by a ransomware group on Tuesday morning, resulting in all 14 medical centers being shut down temporarily. Although emergency rooms and medical clinics are open, the call centers are down, thereby affecting the overall communication system.
As per the initial investigation results, the threat actors targeted the main computer network of Kettering Health. Meanwhile, the information technology team, as well as the health executives, are working hand in hand to limit the extent of the damage.
Kettering Health has a network of over 1800 highly qualified doctors and 15,000 medical staff. They offer medical facilities to a huge part of the Ohio population. This nonprofit organization is also responsible for taking care of over 120 outpatient facilities in Western Ohio.
A Kettering Health spokesperson stated that threat actors are trying to get in touch with their employees and patients while posing as Kettering Health representatives. They are requesting personal details such as credit card data or asking for credit card payment for their medical expenses.
Kettering Health has urged its employees and patients to stay alert and refrain from making any payments over phone calls. While it is a common practice to get in touch with patients to discuss payment options, Kettering Health will avoid that for the time being, as a security measure.
The ransomware group has left a note saying, “Your network was compromised, and we have secured your most vital files.” They have openly threatened Kettering Health to leak the stolen data if the health network fails to pay the extortion fee. Experts have found a connection between the attack and the ransomware group called Interlock.
This ransomware gang grabbed attention last fall, precisely in September. So far, they have targeted different sectors, including manufacturing firms, tech companies, and government organizations. One of its latest victims has been DaVita, the Fortune 500 company dedicated to kidney care. They run over 2600 dialysis centers situated across the US. Interlock wiped out and leaked a whopping 1.5 terabytes worth of data (as many as 700,000 files).
However, Interlock has not yet claimed responsibility for the attack on Kettering Health. No other ransomware group has done the same. That’s why there is still an air of confusion as agencies and experts are working hard to find out the real culprits.
The federal agencies like the Department of Health and Human Services, the FBI, and the US Cybersecurity and Infrastructure Security Agency take cognizance of such massive cyberattacks on USA-based health organizations. The Kettering Health spokesperson has been tight-lipped and has not yet shared any more details about the cyberattack.
US healthcare is not adequately prepared for tackling cyberattacks!
The US healthcare sector is currently grappling with major cybersecurity risks. It has been a favorite choice among threat actors, especially the ransomware gangs, because of the treasure trove of data it contains. Also, the data holds immense value and is crucial for saving precious lives. That’s exactly why threat actors prefer targeting the US healthcare sector left, right, and center.
The healthcare industry has witnessed as many as 440 ransomware attacks and data breaches in 2024 alone. By December 2024, the Department of Health and Human Services’ Office for Civil Rights’ HIPAA Breach Report Tool website had enlisted a staggering 677 major data breaches. Some of the biggest US healthcare centers which had been targeted by cyberattackers include Change Healthcare, Ascension Health, HealthEquity, Sav-Rx, Integris Health, Concentra Health and so on.
The last 18 months have been crucial for the US healthcare sector. The massive threat attacks have affected patients all over the USA. The attacks have been so impactful that lawmakers and federal agencies have started working on strengthening and securing the overall cybersecurity defense mechanism across America’s healthcare centers and organizations.
Major cybersecurity loopholes across healthcare organizations in the US
Threat actors are getting more sophisticated with their cyber tactics. Meanwhile, the healthcare sector is infested with multiple security challenges which make it a weak link in front of the attackers. Outdated software and security systems make them highly vulnerable to modern cyberattack tactics. Further, limited financial resources prevent them from upgrading to robust security measures. Also, depending on third-party vendors for running day-to-day operations makes their data and critical systems vulnerable to threat attacks.
The ransomware attack on the Ohio health center network serves as a stark reminder of the harsh cybersecurity challenges facing the U.S. healthcare sector. It’s imperative that these organizations take immediate steps to strengthen their security infrastructure. This includes not only reinforcing ransomware defenses but also implementing robust phishing protection measures. Developing a comprehensive cybersecurity strategy is essential to help prevent future attacks and safeguard sensitive patient data.