Current News



It's not just Scripps. Ransomware has become rampant in health care during pandemic

Paul Sisson, The San Diego Union-Tribune on

Published in News & Features

SAN DIEGO — On a local level, the ransomware attack that engulfed Scripps Health this past week, paralyzing digital resources from hospitals to outpatient clinics, was isolated. Other health care systems in the region have been unaffected and able to assist diverted patients with serious and immediate needs including heart attacks and strokes.

But, look around and it is obvious that Scripps is not alone.

A recent report from software firm VMWare Carbon Black estimates that its health care customers experienced a 9,851% increase in hacking attempts in 2020 compared to the previous year. And activity intensified with the COVID-19 pandemic, attempts spiking 87% from September to October.

Beau Woods, a senior adviser for the federal government's Cybersecurity and Infrastructure Security Agency, confirmed that attacks like the one still unfolding at Scripps simply metastasized in the past year.

"Ransomware is increasing in sophistication, it's increasing in prevalence," Woods said. "The purveyors of ransomware are generally reinvesting the fees that they collect from the entities they extort to acquire more capabilities.

"They're getting better, they're getting more frequent, particularly during the pandemic where we've opened up more connectivity to allow more remote work."


Scripps' current predicament, which, according to several sources was unable to offer radiation treatments to its cancer patients until the proper equipment was finally able to be returned to service on Friday, follows an even more widespread attack late last year.

On Sept. 27, what is believed to be the biggest ransomware attack in health care, hit Universal Health Services Inc., a 400-hospital nationwide health care system with facilities in California, including Temecula Valley Hospital and Inland Valley Medical Center in Wildomar.

It took three weeks for all UHS facilities to return to full operation, and the publicly traded company lists $67 million in negative financial impact from the attack in its fourth-quarter earnings report though it has not said whether or not it paid the ransom that hackers demanded.

That impact included diversion of ambulances to other hospitals when electronic medical records were locked down and inaccessible.


swipe to next page
(c)2021 The San Diego Union-Tribune Distributed by Tribune Content Agency, LLC.