Russia’s 2017 Cyberattack on Ukraine Seriously Impacted U.S. Hospitals

NotPetya not only crippled Ukraine, it caused $10 billion in damage worldwide and negatively impacted U.S. patient healthcare.

Russia’s 2017 Cyberattack on Ukraine Seriously Impacted U.S. Hospitals

For several years now, healthcare facilities have been a prime target for malware and cyberattacks. In September, Campbell County Health in Wyoming experienced a ransomware attack that disrupted many of its services. During the attack, all 1,500 of the hospital’s computers were affected.

In October, DCH Health System hospitals in west Alabama paid off hackers for the decryption key to the ransomware that impacted three of its facilities. Several healthcare facilities in Australia were also crippled by the malware.

In 2017, a ransomware attack that hit the Erie County Medical Center in New York took its trauma center offline for six weeks, reports CBS This Morning.

But a hospital doesn’t need to be the direct target of a malware attack for the facility to be severely impacted. According to a new book by Andy Greenberg, called Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers,  the malware known as NotPetya, which hit Ukraine on June 27, 2017, not only crippled its intended target — Ukraine — it caused $10 billion in damage worldwide, in addition to taking a toll on patients’ healthcare across America. The malware was created by a group of Russian military hackers.

In addition to Ukrainian hospitals, which directly dealt with NotPetya, some U.S. hospitals were also directly impacted. Heritage Valley Health System in Pennsylvania was infected. The Russian malware shut down every one of its machines running Windows, crippling operations. New patients had to be turned away for three days.

Although the vast majority of U.S. hospitals were not infected by NotPetya, many were seriously impacted in other, indirect ways by the malware.

For example, one of Sutter Health’s service contractors – Nuance, which provides physician transcription services – went down , reports Slate. This meant that no Sutter doctor could dictate changes into their patients’ medical records. At the time of the infection, Nuance’s transcription services were used by hundreds of hospitals and thousands of clinics around the world.

What made the problem worse was the fact that the Nuance system didn’t tell clinicians that it was down, so doctors continued to dictate changes to patient files into Nuance, but those changes didn’t show up. This meant that important updates, such as final approvals for operations or prescription changes didn’t appear in patient records. The lack of updated information could seriously impact patient treatment.

It took two weeks for Sutter to switch from Nuance to one of its competitors, not to mention all of the time it took to deal with the backlog of patient record changes.

According to Sutter, it was fortunate in that all of its urgent cases were tracked down so the records could be updated in time to prevent patient injury. However, another hospital, which was not named by Slate, had some close calls due to missing pediatric records as a result of the Nuance malware infection.

The Russian NotPetya cyberattack is one aspect of the ongoing conflict between Russia and Ukraine. According to Wired, Ukraine has become a scorched-earth testing ground for Russian cyberwar tactics.

In addition to Ukraine and U.S. healthcare facilities, NotPetya cost the shipping firm Maersk $300 million, while FedEx lost $400 million and drugmaker Merck lost $870 million from the attack.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

robin hattersley headshot

Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

One response to “Russia’s 2017 Cyberattack on Ukraine Seriously Impacted U.S. Hospitals”

  1. […] attackers have been identified as TA505, which is a Russian criminal […]

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Conference promo