Chicago Children’s Hospital Cyberattack Disrupts Care

Updated May 28, 2024

When the below blog was published, we reported that it was unclear if patient information was held for a ransom during the cyber-attack on Lurie Children’s Hospital, a major hospital system located in Chicago. After further investigation of the attack, experts are now reporting that critical patient data has been sold by bad actors, raising concerns about who gets their hands on this data.

In a statement provided to NBC 5 Investigates, a hospital spokeswoman said: “We are aware that individuals claiming to be Rhysida, a known threat actor, claim to have sold data they allege was taken from Lurie Children’s. We continue to work closely with internal and external experts as well as law enforcement and are actively investigating the claims. The investigation is ongoing, and we will share updates as appropriate.”

Check out the full article below to learn more about the Lurie Children’s Hospital attack and how you can protect your organization from a devastating cyber-attack.

Original Post

Lurie Children’s Hospital, a leading pediatric care provider in Chicago, recently fell victim to a cyberattack, suspected to be ransomware. While hospital officials haven’t confirmed if patient data is being withheld for ransom, the attack has disrupted critical services, hindering access to medical records and communication channels. While there have been no direct deaths reported due to the cyberattack, the indirect damage can be astronomical, especially when patients’ lives are on the line. The hospital has been forced to take its networks offline until the situation is resolved. The impact is profound, with reports of surgeries, like a 7-month-old’s heart surgery, being canceled due to the attack. With CBS News reporting 299 hospital ransomware attacks in 2023 alone, the urgency for healthcare systems to bolster cybersecurity measures in 2024 is clear.

So, why do cyber criminals target hospital systems and what can these systems do to better protect themselves and their patients?

Sensitive Data

Healthcare providers store a wealth of sensitive information protected by HIPAA laws, including patients’ health records, payment details, and personal identifiers. The aggregation of critical data in one place makes these organizations attractive targets for cybercriminals.

Confidentiality and Continuity of Care

Hospitals are legally bound to maintain patient confidentiality and any breach can result in severe consequences, including termination and lawsuits. Cyber criminals exploit this vulnerability, knowing that hospitals may pay ransoms swiftly to protect patients and avoid disruptions to life-saving treatments.

Inadequate Security on Interconnected Networks

Healthcare systems heavily rely on interconnected devices for patient care. Unfortunately, some of these devices are out of date, incorrectly managed, or do not have any kind of EDR protection, which makes them susceptible to Ransomware attacks, and can lead to this type of attack spreading throughout the entire organization.

Lack of Preparedness

Healthcare systems often struggle with limited time and resources to update and train employees on cybersecurity best practices. With the increasing reliance on online platforms, unprepared systems become vulnerable to cyberattacks, leading to potentially dangerous consequences.

Resistance to Change

Healthcare providers may often resist change, citing the complexities and costs associated with updating systems; adhering to the “if it’s not broke, don’t fix it” mentality. However, as cybercriminals evolve their tactics, it’s imperative to adapt accordingly to safeguard against the dynamic threat landscape.

What can healthcare systems do to protect their patients and themselves?

Healthcare organizations have a lot on their plates providing essential services 24x7x365, requiring consistent access to their systems and making it difficult to prioritize cybersecurity updates. A key ethos of IT and cybersecurity providers is the importance of balancing usability with security. This happy medium can be hard to achieve with organizations that rely on immediate access to key information to provide their services. With this in mind, it is still key for healthcare systems to take incremental steps to strengthen their security posture to not only protect sensitive patient and employee information but protect their systems from threat actors with malicious intentions. Read on to learn more about the steps healthcare systems can take to protect their organization and patients from cyber threats.

1. Update and Patch All Systems

Regularly update systems and execute patches, especially of antivirus software, to prevent vulnerabilities that threats actors can exploit. Outdated operating systems on medical devices cannot only compromise the ability to deliver quality care but leave openings for cybercriminals to access and disrupt an environment.

2. Make a Plan for When a Breach Happens

Healthcare systems must recognize the inevitability of cyberattacks and have a comprehensive plan in place to quickly address them. Regularly backing up all your systems with immutable, air-gapped backups allows for quick recovery of your business’ data in the event of an attack. Creating Business Continuity and Disaster Recovery (BCDR) and Incident Response Plans are critical to making sure your team is prepared for an incident. While it’s crucial to have these plans in place, it’s also important to regularly test them to ensure that everyone is prepared and understands their role in the event of an attack. If your IT team does not have the capacity or cybersecurity experience needed, a cybersecurity retainer is a great strategy that allows you to have an experienced team at the ready to immediately respond and begin containing a breach and recovering your environment in the event of a cyberattack.

3. Employee Training

According to Security Today, 88% of security breaches are caused by human error. Staff cybersecurity awareness training is crucial to mitigating vulnerabilities and reducing the likelihood of a successful social engineering attack. Educate employees to recognize and avoid phishing scams, enforce strong password policies, and discourage using work devices for personal online activities.

4. Be Proactive, Rather Than Reactive

Healthcare systems must remain vigilant in monitoring the cybersecurity landscape to stay ahead of emerging threats and vulnerabilities. Proactively implementing security measures like MFA, Microsegmentation, and Access Control can significantly reduce the risk of security breaches. By investing effort in prevention, organizations can minimize the resources needed to react to security incidents.

5. Work with a Trusted IT and Cybersecurity Provider

Engage with a reputable IT and cybersecurity provider that is experienced in providing support to regulated industries, like healthcare. Providers like Entara offer comprehensive solutions, including security awareness training, backup servicescybersecurity retainers, and infrastructure monitoring to protect organizations from cyber threats.

Take Action Now

Entara stands ready to support healthcare organizations that are ready to prioritize not only the health of their patients, but the health of their security posture. By leveraging our expertise, providers can fortify their defenses against cyber threats, ensuring a secure environment for patient care. Contact Entara’s team for more information and discover how we can seamlessly integrate with your organization, allowing you to focus on what you do best – caring for your patients.

Scroll to Top