The attack on Universal Health Services (UHS), as TechCrunch unearths, occurred early on towards the end of September 2020, according to two people with direct knowledge of the incident. In addition, according to NBC News, UHS’ systems experienced the attack last Sunday, September 27, and was considered to be one of the largest attacks in U.S. history.
The impact of the attack was to lock computers and telephone systems at several UHS facilities across the country. This included populous locales in California and Florida.
At this stage it is not immediately known what impact the ransomware attack is having on patient care, or how widespread the issue is. However, the company is a major private sector healthcare services provider. UHS has 400 hospitals and healthcare facilities in the U.S. (the company also has some in the U.K., as part of the fringe private healthcare system). Across these two territories,, the company serves millions of patients each year.
To gain an insight into what this type of attack actually means, Mark Bagley, VP of Product at AttackIQ, tells Digital Journal about the implications.
Bagley explains that: “Ransomware attacks often have collateral damage and impact beyond the ransom.”
This is certainly so when a healthcare provider is targeted by malicious actors, as Bagley details: “When hospitals and healthcare providers are attacked, we’ve unfortunately learned the lesson that patient lives can be put in danger as witnessed a few weeks ago. While the impact of the UHS incident is currently unknown, millions of patients are served yearly and their care could be at risk.”
In terms of a counter-strategy designed to minimize such attacks going forwards, Bagley recommends: “A proactive and threat-informed approach to security strategy that produces evidence of ransomware defense is crucial for these organizations. Being able to demonstrate which defenses are effective against the common tactics, techniques and procedures used by the adversary allows for a program to be implemented – and improved with automated solutions that continuously test that program over time.”
