Cybersecurity

Largest Vermont Hospital Among Victims of Cyberattack

The University of Vermont Health Network was attacked by cybercriminals

NBC Universal, Inc.

The University of Vermont Health Network was impacted by a cyberattack that forced several computer systems offline.

Vermont's largest hospital confirmed Thursday it was a victim of a cyberattack that targeted key computer systems.

In an interview with NECN and NBC10 Boston affiliate NBC 5 News, Vermont Public Safety Commissioner Mike Schirling characterized the penetration of the University of Vermont Health Network's systems as the largest-ever cyberattack in Vermont that he was aware of.

"This site can't be reached," read the message patients of the UVM Health Network were getting Thursday if they tried logging into their personal portals to access their own medical histories.

Federal authorities warned the public Wednesday that cybercriminals were attacking health care systems with extortion attempts using ransomware, which locks systems until money is paid to decrypt files.

NBC News reported that it appears to be the work of the same hackers who infected several other hospitals nationwide with ransomware.

Federal agencies say cybercriminals are unleashing a major ransomware assault against the U.S. healthcare system.

Late Thursday, the University of Vermont Medical Center in Burlington said it had no word yet if this was a ransomware attack.

"Our IT folks and the investigators are focused on what happened, how did it happen, why did it happen, and then move forward to a recovery process when that appears to be appropriate," said Dawn LeBaron, UVMMC's vice president for hospital services.

The attack caused shutdowns of a South Burlington finance office and forced the rescheduling of some elective procedures at the UVMMC Thursday. The emergency room remained open.

"We're prepared if this lasts one more day or a week," said Dr. Steve Leffler, the president of UVMMC, who added that high-quality patient care is continuing at the ER and in other units.

He noted that certain elective procedures did have to be rescheduled.

Responding to a question from NECN, Leffler said protecting patient data was top-of-mind.

"As soon as we knew something was happening yesterday, we shut down everything in the system, including all patient information," Leffler said. "So at this point, we are still investigating what's been impacted. We have no information patient information has been impacted, but we're still doing that investigation."

LeBaron said the hospital has conducted regular training drills to prepare for the possibility of system outages.

UVMMC said it is handling local traumas. However, patients who'd normally be transferred here from other ERs are, for now, being transferred to different hospitals.

"Health care is being targeted, probably, because they're more ripe for a bigger payout," cybersecurity expert George Silowash told NECN and NBC10 Boston.

Silowash manages such risks for Norwich University in Northfield, Vermont, and also teaches courses on digital forensics there.

Many ransomware attacks begin with something as simple as an email that looks like it's from someone you trust.

He said ransomware attacks are on the rise, across many sectors.

"Sometimes, these attacks can take days or weeks, sometimes even months, to recover from," Silowash said. "If they can even recover from them. And the investigation is likely to take just as long."

"Everyone is very focused," said UVMMC cardiology nurse Mari Cordes, who is also a member of the Vermont House of Representatives serving part of Addison County.

Cordes told NBC 5 News she and her colleagues are going back to basics: using paper charts, handwriting notes on patient care, and double- and triple-checking all plans.

"I do want to put the public at ease, even though, from a 30,000-foot view, this is definitely disturbing," Cordes said. "But what's happening in the hospital is very methodical. We are using the same safety precautions we've always used."

The FBI office in Albany, New York, said Thursday it was working with local, state and federal partners to investigate, but could not comment further due to the active nature of the case.

Additionally, Schirling said the U.S. Department of Homeland Security is part of the investigation and helping mitigate impacts.

Exit mobile version