CommonSpirit Acknowledges Cyber Incident as Ransomware
US hospital network CommonSpirit Health is still struggling to get its IT systems up and running more than a week after they became infected with ransomware. Hospitals are still experiencing IT outages and disruptions to appointments. The attack began around October 3.
Years ago, all businesses learned that if the power went out in the data center, business stopped. Backup power or facilities were required and became common. Once those were in place, the first power outage pointed out another important requirement: regular testing of switching over to back up mechanisms. These days outsourced (mostly cloud) services are the “new electricity” and those backup processes *and* testing of those processes are needed to reduce the impact that Common Spirit’s customers are reporting.
Are you prepared to selectively take affected systems offline after an attack to rebuild them? Do you know the interdependencies of such actions? Can you reconcile transactions on connected systems? Dependency mapping, particularly in mature environments can be incredibly difficult, and may necessitate a response posture of taking large numbers of components offline rather than surgically addressing one at a time. Take a lead from actions taken during maintenance windows, typically based on lessons learned, for planning your approach.
Read more in
CommonSpirit: CommonSpirit Update
Health IT Security: Hospitals Continue to Suffer Impacts of CommonSpirit IT Security Incident
The Register: Hospital giant's IT still poorly a week after suspected ransomware infection
The Record: CommonSpirit confirms ransomware attack as U.S. hospitals deal with fallout