A lot happens before ideas become solutions.
At ElixWare we want to bring you more than just great, affordable software. We want to let you know how and why we do what we do.
Our Ruminations blog will bring you insights into how we got here and some of the things we consider when trying to help you run your business. We hope it gives you a better understanding of how we strive to better serve your needs.
We recently covered this in a Bitpourri post, but soon realized that it was a much bigger story than originally thought.
Change Healthcare, an IT subsidiary of United Health, reported a network-wide cyberattack on February 21st. This resulted in a still-ongoing disruption to the largest prescription processor in North America. It is now reported that this attack is ransomware.
We've covered ransomware a few times, including in R is for Ransomware.
This attack is wreaking havoc from local pharmacies, to hospitals, cancer treatment centers, and even the VA. Facilities and doctors cannot verify if patients have prescriptions, insurance, or what level of coverage they may have (including copay amounts).
Change Healthcare is an American healthcare tech giant and one of the country’s largest processors of prescription. They handle prescriptions and billing for more than 67,000 pharmacies across the US. It processes 15 billion healthcare transactions each year - roughly one third of patient records - which include transmitting prescriptions, requests for insurance authorizations as well as payments. This has effectively been an attack on US healthcare system.
According to Change Healthcare's status page about this event, not all systems or services have been restored. As of this writing, the attack is still affecting over 6,000 hospitals and tens of thousands of medical providers, not to mention millions of patients. This attack isn't only interrupting the ability for healthcare facilities to receive prescription information. It's also preventing medical providers from receiving insurance coverage information, and from submitting billing for services.
Doctors are trying to serve patients even with these mission-critical technologies no longer available. This includes very time-consuming workarounds, such as calling each insurance company for each patient (and waiting on hold) and entering everything manually and waiting for insurance company systems to respond.
Change Healthcare's recovery may take up to 4-6 weeks, or even longer depending on the extent of the ransomware infection. The down-stream affect on medical practices, insurance claims and payment processing could last months. And the last to get everything straightened out will be the patients.
This type of attack is similar to a supply chain interruption for the medical industry. We recently covered a ransomware attack of this kind in Six Degrees of Kevin Bacon.
Countless patients are affected by these kinds of attacks. But the financial impact this is having on the medical industry is so severe that Change Healthcare has set up a loan program for cash-strapped health providers.
Change Healthcare hasn't been able to revive their existing services yet, but they have launched a new service to allow doctors and pharmacies to return to somewhat normal operations.
The cyberattackers taking credit are a well-known group Russian hackers known as BlackCat. Among other recent victims was MGM hotels and casinos last September. That attack knocked slot machines and ATMs offline as well as MGM's reservations system. Caesar’s Entertainment, as well as others, fell victim a few days later. In the MGM attack, BlackCat used social engineering to trick IT support into resetting a supervisor's multi-factor authentication, allow the breach.
Professional ransomware groups not only extort victims by holding their data ransom. They also upload a copy of the data before encrypting it. The threat of releasing this data can then be used as a cudgel to try to persuade the victims to pay the ransom. Often the data is sold on the black market anyway. In the case of Change Healthcare, this is patient and PHI data for millions of Americans.
This nationwide service disruption is not what the doctor ordered. The healthcare industry is an obvious, and well known target. Attacks on hospitals and healthcare are not uncommon. The attack in 2021 on Health Service Executive of Ireland was the largest known attack against a health service computer system at that time.
It is being reported that the attack vector used was a flaw in ConnectWise’s ScreenConnect software. Third party tools are often the source of security concerns. This is the same scenario as the Target hack a decade ago.
Though consolidation and merges are often good business, they aren't always good for consumers. In this instance, the fewer prescription processing options that are available means an outage of this magnitude will affect a large portion of the US population and medical providers. And being the largest doesn't necessarily mean being the most secure (as this continuing saga demonstrates).
prev post: Bitpourri - A Bad Week For Technology
We are a small team with a lot of experience, specializing in software development, design, and workflow, process & project management. We are fiercely dedicated to helping you do what you do best — run your business — without getting bogged down in the mountains of paper and hours of screen time required to do it. We are equally dedicated to protecting your privacy and your data. Learn more about our privacy policy.
