Ransomware attack may delay scheduled procedures at Baltimore-area medical center
The Greater Baltimore Medical Center on Sunday became the latest U.S. hospital to grapple with a ransomware incident amid a raging pandemic that has stretched health care IT resources thin.
The ransomware attack caused “many of our [IT] systems” to go down, the 342-bed medical center said in a statement late Sunday. That means some patient procedures scheduled for Monday “may be affected,” GBMC said. The hospital emphasized that it had “robust processes in place to maintain safe and effective patient care.”
It was unclear how many patient procedures were affected by the ransomware attack, or what type of malicious software was involved. A GBMC spokesperson did not respond to requests for comment.
GMBC said no patient data had been “misused,” and that it had enlisted outside security experts and law enforcement to help respond to the incident.
The Towson, Maryland-based medical center is following a playbook that numerous hospitals across the country have exercised after having their computer systems hampered by ransomware. There have been 93 publicly reported ransomware attacks on health care providers in 2020, compared to 50 attacks in 2019, according to Allan Liska, an analyst at threat intelligence company Recorded Future. Resource constraints and managing software updates are enduring challenges for the sector.
Cybercriminals have looked to extort hospitals overwhelmed with coronavirus patients. One criminal group known for multimillion-dollar ransom demands was behind a wave of attacks on U.S. hospital computers in October, according to security company FireEye. That threat prompted a public warning from federal officials, along with private briefings to health care executives urging them to raise their defenses.
Around that time, the University of Vermont Health Network suffered a cyberattack that forced one of the network’s hospitals to delay chemotherapy and mammogram appointments. For GMBC, the road to recovery is ongoing. “Our investigation is in its early stages. We will provide more information as we can,” the medical center’s statement said.
