Ransomware infects hospitals in Ohio, West Virginia

The pair of hospitals are the latest health care organizations to be hit by ransomware.
(Getty Images)

Ransomware has infected two hospitals in Ohio and West Virginia, a spokeswoman said Monday.

The attack affected the Ohio Valley Medical Center and East Ohio Regional Hospital, Karen Janiszewski, spokeswoman for parent company Ohio Valley Health Services & Education Corp., confirmed in an email to CyberScoop. Officials did not specify what kind of ransomware caused the incident.

The attack Friday prevented the two hospitals, which together have 340 beds, from receiving patients via ambulance through at least part of Thanksgiving weekend, Ohio’s The Times Leader reported. No patient data was compromised and the hospitals could accept walk-in patients, according to the paper.

The two hospitals are “the area’s only comprehensive behavioral and mental health services and board certified emergency services on both sides of the Ohio River,” which separates Ohio and West Virginia, according to their website.


This attack is only the latest to strike U.S. medical facilities. Health care organizations have been on the front lines of recent ransomware infections. Nearly a quarter of the 67 SamSam ransomware attacks in 2018, for example, targeted the health sector, according to cybersecurity company Symantec.

In a Facebook post Saturday, the Ohio and West Virginia hospitals said, “We apologize for the inconvenience and are continuing to work on the situation.”[0]=68.ARD3ce9V5HgKju7qHptWLrS9dQxb5FwwVaPVNdhboJ_5L8TsYcxNIosmOlHShTu8SWSxMMgi_oqaDi1czLFgYNl3u-uyfNvhjI2KEZgdKNnGI0vHQ-dlzXWgNNoPEFfyZI3omSKN59PNCFAqIJTqa09G3Mo_6eIt1wkhJOfcB5t6uzzZEViGFAFEUN7vrk2r9lVK66E00OZLco0GQ_b0EMX8gJhSXfk8-6qVsp78EPj9wxSaFUypPKRHXZV3xgpfLNJhw4kq4rtfywOYbABfu1-_8kTc7SDPNcxu3z_qrianWFIdXvEUbVmBqlNs-kHtGoaD46BPpUC4hqYYF46xOjyHg6vHivHNm4I7K2J3_HiaWCqKh8agSJRXJrfDWK3ViuXXip8UTNW-90n4KsMh2nIcgG6z-bIoHN3yT5tBu1vy74tXYrlmyYitx2dWHOBQrPZM8ENjJdzEw7_4YR1NMOBOhEaEXsMP1ZIbs2Sa3N0Jp-q8ThIlSA&__tn__=-R

In the face of the persistent ransomware threat, medical professionals are prioritizing cybersecurity, but are under-resourced in their defenses, research shows.

Of the 400 medical professionals surveyed by the Chertoff Group and health care company Abbott, more than 90 percent said that securing patient data is a focus at their hospital. However, 75 percent of the doctors and 62 percent of the hospital administrators felt “inadequately trained or prepared” to mitigate cybersecurity risk.


Some organizations have responded to ransomware attacks by paying off the hackers: In January, after SamSam hit an Indiana hospital computer network, hospital officials paid $50,000 to unlock the data.

Beau Woods, a cyber safety innovation fellow at the Atlantic Council, said that health care organizations should take concrete steps to prepare for ransomware such as backing up data, updating clinical systems, and practicing the ability to function offline.

“Tools meant to improve patient care can impede it if not well safeguarded,” Woods told CyberScoop.

As for the pair of Ohio and West Virginia hospitals, the facilities’ IT security team was aiming to have the ransomware infection “resolved” by this past Sunday, Janiszewski told The Times Leader.

In a follow-up statement to CyberScoop Wednesday evening, Janiszewski said that several of the software programs that were affected by the ransomware attack had been restored to normal functioning but that IT personnel were still running tests on multiple other systems.


“It is our hope to have all systems restored online by the end of this week,” Janiszewski told CyberScoop.

“The hospitals are receiving patients as we normally do – if we have a patient arrives and we are not able to treat them due to the software issues then that patient is transferred,” Janiszewski added in her Wednesday email.  “We’ve only seen a slight decline in patient visits in the [emergency department] due to diversion.”

As of Wednesday at 10 pm local time, patients were no longer being diverted from the emergency room because of software issues, she added.

UPDATE, 11/30/18, 10:05 a.m. EDT: This story has been updated with an additional statement from Karin Janiszewski, spokeswoman for the Ohio Valley Health Services & Education Corp.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts