A major hospital chain has been hit by what appears to be one of the largest medical cyberattacks in United States history.
Computer systems for Universal Health Services, which has more than 400 locations, primarily in the U.S., began to fail over the weekend, and some hospitals have had to resort to filing patient information with pen and paper, according to multiple people familiar with the situation
Universal Health Services did not immediately respond to requests for comment, but speaking anonymously, one person familiar with the company’s response efforts who is not authorized to speak to the press said that the attack “looks and smells like ransomware.”
Ransomware is a type of malicious software that spreads across computer networks, encrypting files and demanding payment for a key to decrypt them. It’s become a common tactic for hackers, though attacks of this scale against medical facilities aren’t common. A patient died after a ransomware attack against a German hospital in early September required her to be moved to a different hospital, leading to speculation that it may be the first known death from ransomware.
Hackers seeking to deploy ransomware often wait until the weekend, when a company is likely to not have as many technical staff members present.
Two Universal Health Services nurses, who requested to not be named because they weren’t authorized by the company to speak with the media, said that the attack began over the weekend and had left medical staff to work with pen and paper.null
One of the nurses, who works in a facility in North Dakota, said that computers slowed and then eventually simply would not turn on in the early hours of Sunday morning. “As of this a.m., all the computers are down completely,” the nurse said.
Another registered nurse at a facility in Arizona who worked this weekend said “the computer just started shutting down on its own.”
Source: NBC News