A cyberattack on Kettering Health in Ohio has been linked to a ransomware group known as Interlock, the health system revealed on Thursday. The attack, which began in late May, caused disruptions to patient care and raised concerns about the security of healthcare systems.
According to reports, Interlock is an emerging ransomware group that has targeted various sectors, including healthcare. Cisco Talos, a threat intelligence researcher, highlighted the activities of this group in a report published last November. In response to the attack, Kettering Health has taken steps to eliminate the tools used by the group, conduct a comprehensive review of its systems and security protocols, and implement necessary updates and patches.
Despite these efforts, Kettering Health is still in the process of recovering from the cyberattack. The health system initially reported a system-wide technology outage on May 20, leading to the cancellation of elective procedures. It took about a week for Kettering to stop diverting ambulances to other hospitals, and core components of its Epic electronic health record system were only recently restored.
The incident at Kettering Health is a stark reminder of the growing threat of cyberattacks in the healthcare sector. Ransomware attacks, in particular, have become increasingly common and can have severe consequences for hospitals. These attacks not only disrupt access to critical technology systems but also result in the cancellation of appointments and the redirection of emergency cases to other facilities. In some cases, hospitals have reported an increase in patient mortality rates following ransomware attacks.
As healthcare organizations continue to face these challenges, it is essential for them to prioritize cybersecurity measures and remain vigilant against evolving threats. By investing in robust security protocols and staying informed about emerging risks, healthcare providers can safeguard their systems and protect the sensitive data of their patients.
