Cyberattack on U. of Vermont hospital IT network delays chemotherapy, mammogram appointments

It's an example of how criminals can impact patient care.
health care, hospital, medical, chemotherapy, intravenous
(Getty Images)

A cyberattack at the University of Vermont Health Network has forced one of the network’s hospitals to delay chemotherapy and mammogram appointments, making it the latest example of how cybercriminals can impact patient care.

The disruption of computer systems at the health network, which comprises six hospitals and more than 1,000 physicians, began the week of Oct. 25, the organization said. The attack made some of the data used to process appointments for cancer patients temporarily unavailable. And the health network said that as of Monday it was still unable to conduct mammograms, breast ultrasound screenings and biopsies because of a lack of access to patient data.

The health network is nonetheless still treating cancer patients and is working to “expand our capacity” to provide chemotherapy seven days per week, the organization said in a statement on Saturday.

The laborious recovery process is ongoing.


“We are slowly and methodically restoring some systems,” Neal Goswami, a spokesperson for the health network said Monday. “That will take some time. But we’re making progress.”

It’s a window into the intense and multifaceted process a critical-infrastructure organization faces in recovering from a serious security incident. Forensic specialists are combing thousands of computers for malicious software. Experts from Cisco and Microsoft are helping out, according to Goswami, as is Vermont’s Army National Guard. The FBI is also investigating the attack.

Employees are affected, too. About 300 at the health network’s main hospital, the University of Vermont Medical Center, have had their jobs disrupted, according to Goswami. One hundred and twenty-nine of those people have been temporarily reassigned, and the health network is trying to do the same for the other employees, he said.

The cyberattack coincided with a series of reported ransomware attacks on hospital computers in multiple U.S. states. Experts say it is one of the more significant cyberthreats to the health sector in recent memory. Federal agencies warned that ransomware known as Ryuk, whose sponsors are known for extorting large sums from victim organizations, was involved in the attacks.

Goswami referred questions on whether Ryuk was involved in the incident at UVM Health Network to the FBI.

“FBI Albany can confirm we are investigating a potential cyber attack at UVM Health Network. along with our federal, state, and local partners,” an FBI spokesperson said in a statement. “This is an active investigation, and we decline to comment further at this time.”

Despite the deadly coronavirus pandemic, many criminal groups have continued to target health care organizations. There have been more publicly reported ransomware attacks on health care providers this year than in all of 2019, according to Allan Liska of threat intelligence company Recorded Future.

“If it’s one thing a hospital doesn’t need during a pandemic its [sic] a cyberattack,” one user wrote on the University of Vermont Medical Center’s Facebook page. “Hope those responsible are found and prosecuted.”

UPDATE, 11/10/20, 09:50 a.m. EDT: This story has been updated with a statement from the FBI.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts