One of the few Texas level 1 trauma centers outside of a major city – and the only one in West Texas – is being forced to divert patients because of a ransomware attack.
The University Medical Center (UMC) Health System based in Lubbock, Texas confirmed the ransomware attack in September 27 post. While all facilities remain open, the statement said that “we will continue to temporarily divert incoming emergency and non-emergency patients via ambulance to nearby health facilities until this issue is resolved. We are making accommodations wherever possible to minimize any disruption to our patients and our critical services.”
KCBD news channel in Lubbock said UMC “is the only level 1 trauma center within 400 miles,” making the consequences of a cyberattack on the healthcare network potentially devastating.
Despite being the 10th-largest city in Texas, with a population of 264,000, Lubbock holds a mythical place in American music as the birthplace of Buddy Holly and many other musicians.
No Timeline for Full Restoration at Texas Level 1 Trauma Center
UMC said it is working with “Third parties that have helped other hospitals address similar issues … Our teams are working around the clock to safely restore systems as quickly as possible.”
That said, the healthcare system said it does “not currently have an estimated timeline for full restoration of services,” and some departments and providers “are diverting or are on downtime procedures.”
UMC Physicians clinics are open as scheduled but “are not operating as normal” and non-emergency labs and radiology will be delayed.
UMC’s websites are also noticeably slow.
Healthcare Ransomware Attacks Can Be Devastating
There have been more than 800 ransomware attacks in the healthcare sector since 2020, according to Cyble data, and the problem has gotten even worse this year, with high-profile ransomware attacks hitting Change Healthcare, Ascension Health, OneBlood, NHS London, and many others.
The effects of a healthcare ransomware attack can be devastating, and manual backup process are no match for modern systems and automation. Backup processes following the NHS London attack, for example, resulted in a 96% drop in blood testing.
With the complicated medical supply chain, from software to everything that goes into patient care, insurance and billing, healthcare ransomware attack cleanup is also very expensive. Healthcare breaches are twice as costly as the average data breach, according to the latest data from IBM and Ponemon.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and other organizations offer free cybersecurity services and other help to hospitals and critical infrastructure, yet many healthcare organizations remain vulnerable to attack.
Paul Shread
Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including award-winning articles on endpoint security and virtual data centers, and a report exposing critical security flaws in a major SIEM system. Publications he has edited and written for include eSecurity Planet, Datamation, eWeek, IT Business Edge, Webopedia, and many more. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds market analyst, cybersecurity, and analytics certifications. You can follow him on LinkedIn at: https://www.linkedin.com/in/paul-shread/