Scripps Health: The Non-Profit Healthcare Giant Hit by Cyberattack


According to many press reports and the San Diego Union-Tribune, the San Diego-based Scripps Health still tries to assemble certain parts and coordinate sensitive patient data following a ransomware attack on the computers of the healthcare system over the weekend. 

In a declaration, Scripps accepted the intrusion but did not indicate that it was a ransomware incident or not. Whether adversaries affected medical records, or any other confidential data is also unclear. 

In the report, an email from Jaime Pitner, Co-ordinator of County Emergency Services, said that Scripps had all four major hospitals in Chula Vista, Encinitas, La Jolla, and San Diego. The patient was transferred to other emergency facilities for strokes, traumas, and heart attacks. 

In September, Universal Health Services (UHS) staff members, a Fortune-500 owner of a national hospital network, announced extensive failures leading to delayed laboratory results, falling back into style and paper, and diverting patients. The suspect was the ransomware group Ryuk, which encrypted hospital systems over days. 

“No patients died tonight in our [emergency room] but I can surely see how this could happen in large centers due to delay in patient care,” as stated by a nurse. 

A ransomware attack in a hospital in Germany at the Dusseldorf University led to emergency department diversions to several other hospitals. A study from the Ministry of Justice of the State North Rhine-Westphalia indicates that a patient was killed, who had to be brought to a farther hospital in Wuppertal owing to some kind of clinic server attack. The patient died. However, the original murder charges in the case were subsequently dismissed. 

“Showing just how low cybercriminals will go, the attack on a major healthcare facility like Scripps highlights the dark side of ransomware, disturbingly putting lives at risk,” said Edgard Capdevielle, CEO of Nozomi Networks, via email. 

Employees have also stopped their everyday activities. The network of electronic health records has been broken and the nurses, physicians, and other staff have used manual procedures and paper records. This also happened during the UHS assault. And the "telemetry at most sites," which is used to track and warn electronically has been unavailable for the time being, says Scripps, prompting routine patient manual inspections. A source said the paper was influenced by medical imagery as well as other "resources." 

However, Scripps has affirmed that while the systems are offline, “patient care continues to be delivered safely and effectively at our facilities, utilizing established back-up processes, including offline documentation methods.” 

In their efforts to take advantage of and use the most insecure networks, health organizations, these malicious actors and attackers are relentless. According to Purandar Das, CEO, and co-founder at Sotero, Hospitals are indeed the top target for attackers – their vital position in communities will lead them to pay rapidly. 

He added, “Criminals are targeting organizations that have been slow to adopt a more robust and resilient architecture. Organizations have to move towards protecting data, via new encryption technologies, that keep them secure while enabling privileged access. This prevents a ‘data held hostage’ situation. Secondly, organizations have to move towards a resilient deployment architecture that enables them to bring up a failover system without risking long term outages.”