Connect with us

Hi, what are you looking for?

Tech & Science

Lessons for the Universal Health Services ransomware attack (Includes interview)

As Digital Journal reported last month, Universal Health Services, one of the largest healthcare providers in the U.S., was hit by a ransomware attack. The atatck took down many systems and left consumers and healthcare employees unable to access many of the services.

Universal Health Services is an U.S. Fortune 500 listed company. The firm operates in the private sector and it delivers hospital and healthcare services. Headquartered in Pennsylvania, the company has annual revenues of circa $11 billion.

With the ransomware attack, some 400 hospitals were affected by the incident. The matter is now resolved, but the attack was the latest example of Ryuk ransomware. This malicious code targets businesses and continues to focus especially on healthcare providers, using the additional work and confusion around COVID-19 as a means to impact vulnerable systems.

READ MORE: Schools forced to postpone after ransomware attacks

Looking at lessons to be learned from the attack, Sanjay Jagad, senior director of products and solutions at Cloudian tells Digital Journal: “The Universal Health Services attack demonstrates the growing threat ransomware poses, especially to highly regulated industries.”

This is particularly so because: “Extremely sensitive customer data and an organization’s reputation are at stake. Perimeter security solutions inevitably fall short against increasingly sophisticated ransomware attacks.”

So what can be done? Jagad recommends: “To truly safeguard themselves, organizations must instead protect data at the storage layer. This easiest way to do this is to keep a backup data copy on immutable storage: once written, the backup cannot be changed or deleted for a specific period.”

This mechanism, Jagad, “prevents malware from being able to encrypt the data and lock the victim out. If a ransomware attack occurs, organizations can restore an unencrypted copy of the data via a simple recovery process. In the past you needed specialized storage devices to get this feature. However, select enterprise storage systems now offer a new feature called Object Lock to provide immutability.”

In terms of who can provide support services, Jagad says: “Multiple backup vendors such as Veeam and Commvault now support this feature within an automated workflow, making it easy to use. With Object Lock, data is protected at the device level, rather than being dependent on an external layer for defense.”

ALSO READ: University of Utah caught out in ransomware incident

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


For those seeking to snap up a ticket, it is important to know how to spot fake tickets, verify sellers, and safeguard the purchase.


What do you guys think the expression “useless morons” means?

Tech & Science

A defensive approach is no longer sufficient. Water facilities must implement a proactive cybersecurity defense to effectively mitigate cyber threats.


The US Department of Justice filed a major antitrust lawsuit Thursday seeking to break up an alleged monopoly in the live music industry.