Large Health Care System Suffers Rhysida Attack

August 21, 2023

Large Health Care System Suffers Rhysida Attack

Rhysida is an emerging threat group, targeting many critical infrastructure sectors including the Healthcare and Public Health (HPH) sector. It is a ransomware-as-a-service group which deceitfully describes itself as a “cybersecurity team” projecting themselves as helping victims highlight potential security issues and secure their networks. While not much is known about the group’s origins or country affiliations, Rhysida ransomware is deployed in multiple ways.

On August 3, 2023 Rhysida attacked a health care system which operates 16 hospitals and more than 165 clinics and outpatient centers in four states.

According to reports, the attack resulted in “emergency departments to close, ambulances to be diverted, and other medical services to cease operations” in what appeared to be a ransomware attack.

The attack required the hospitals to take their systems offline to protect their patient data and to revert to using paper records. In some states, the health system’s blood draw stations and medical imaging locations were also impacted. Areas saw emergency departments, as well as some primary and specialty locations closed until further notice. As a result, impacted entities were contacting patients individually due to the various effects to patient care.

Read the 2-page August 16, 2023 Brief released by the HHS 405(d) Task Group which also recommends that your IT department implement the following best practices found in their FREE resources, such as the Health Industry Cybersecurity Practices (HICP) Technical Volumes 1&2 and Knowledge on Demand to protect your valuable health information from such threats.

Low-cost resources offered by the American Institute of Healthcare Compliance (AIHC) – a non-profit organization: