On Dec. 25, cybercriminals unsuccessfully attempted to encrypt computers at Aspen Valley Hospital through one of the hospital’s third-party vendors. When Aspen Valley Hospital was alerted to the ransomware, IT staff shut down the hospital’s computers.
“It was ransomware where they were trying to encrypt and shut us down and make the vendor pay a ransom,” hospital CEO Dave Ressler told the Aspen Times. “We were collateral; it wasn’t a direct hit on us.”
For 36 hours, clinicians and other hospital staff shifted to downtime procedures, including using paper-based records. Aspen Valley Hospital uses a Meditech EHR. The electronic system was up and running by the end of the day on Dec. 26.
There is no evidence that patient data was affected.
More articles on cybersecurity:
Health systems should update computer systems in wake of Iran tensions, H-ISAC says
3 cybersecurity predictions for 2020
Former NYC hospital employee pleads guilty to hacking coworkers’ emails