St. Margaret's Hospital Closure Showcases Ransomware's Existential Threat

upnorth

Level 68
Thread author
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
An Illinois hospital's decision to cease operations later this week at least partly because of a 2021 ransomware attack that crippled operations for months is a stark reminder of the sometimes-existential threat that online extortion campaigns can pose. That's especially true for resource-strapped small and rural hospitals.

St. Margaret's Health (SMH) will permanently close its hospitals, clinics, and other facilities at Spring Valley and Peru, Ill. this Friday, June 16, after serving the community for 120 years. Multiple factors led to the decision, including unprecedented expenses tied to the COVID-19 pandemic, low patient volumes tied to social-distancing mandates, and staff shortages that forced the health system to have to rely on temporary staffing agencies. But the February 2021 ransomware attack on its systems at Spring Valley had a big part to play; they catastrophically impacted the hospital's ability to collect payments from insurers for services rendered, and the attack forced a shutdown of the hospital's IT network, email systems, its electronic medical records (EMR) portal, and other Web operations.
SMH vice president of quality and community services Linda Burt says the attack lasted four months, during which employees had no access to the IT system, including email and the EMR system. "We had to resort to paper for medical records. It took many months, and in some service lines, almost a year to get back online and able to enter any charges or send out claims," Burt says. "Many of the insurance plans have timely filing clauses which, if not done, they will not pay. So, no claims were being sent out and no payment was coming in."
Joshua Corman, former CISA chief strategist and current vice president of cyber safety strategy at Claroty, expects what happened at SMH will happen to other hospitals, especially smaller ones and those located in rural areas. Corman, who was part of a CISA COVID-19 task force that looked into the potential correlation between excess hospital deaths and ransomware, says the hospitals most expected to close are those that are situated the farthest away from other hospitals and alternative care options. "Small and rural hospitals already face significant financial strains from the last few years of [the] pandemic and very few have much cash-on-hand reserves for unplanned disruptions," Corman says. "Ransomware attacks can disrupt operations for weeks and months and can, therefore, represent the straw that breaks the camel's back."

A couple of factors might be exacerbating the situation. Often many small, midsized, and rural hospitals lack a full-time security staff. They also have a harder time getting cyber insurance, and when they do, it can cost more for less coverage.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top