On Nov. 22, officials from the Cybersecurity and Infrastructure Security Agency alerted Ardent Health Services about malicious cyber activity impacting its computer systems the day before the organization identified a ransomware attack on its facilities and affiliates, CNN reported Nov. 27.
A spokesperson for Nashville, Tenn.-based Ardent Health told CNN that officials from CISA reached out to the organization "to make us aware of information about suspicious activity in our system." However, CISA's discovery occurred subsequent to Ardent Health identifying an "anomaly" in its computer systems on Nov. 20.
Following this detection, Ardent conducted an investigation, according to the spokesperson, but did not know it was ransomware until Nov. 23.
The communication between Ardent Health and CISA was a component of a program initiated by CISA in 2023, aiming to alert organizations in critical industries about the potential risk of ransomware attacks unless preventive measures are implemented.
According to CISA officials, they have successfully prevented numerous ransomware attacks through this program.