Maryland Officials Acknowledge That Department of Health Was Shut Down Due to Ransomware Attack

Maryland Officials Acknowledge That Department of Health Was Shut Down Due to Ransomware Attack

Maryland officials acknowledged on Wednesday that the state’s Department of Health is coping with a severe ransomware attack that has left hospitals reeling in the wake of an outbreak of COVID-19. In a statement posted on Wednesday, Maryland Chief Information Security Officer Chip Stewart said the cyberattack began on December 4 and disabled their systems.

Stewart said that in the early hours of December 4, the health department’s network team discovered a malfunctioning server. They subsequently escalated the issue to the IT security staff, who informed Stewart that the incident may have been a ransomware attack. The state’s incident response strategy kicked off with numerous Maryland agencies, the FBI, and CISA being notified. They also enlisted the assistance of independent cybersecurity organizations to assist with the response. He justified his choice to leave some services offline, stating that he had seen companies reassemble systems too rapidly in the past.

Several Maryland news sites have reported that the state’s health department and dozens of local partners have been battling ransomware for the past six weeks. The government could not report COVID-19 case rates for weeks while the Omicron version wreaked havoc in other states. While that service has been restored, health authorities must now manually compute COVID-19 statistics. On Wednesday, Governor Lawrence Hogan justified the state’s approach, telling reporters that “unlike Texas and I think a couple of other dozen states, we haven’t lost hundreds of millions of dollars, and we haven’t compromised millions of peoples’ data.”

According to Maryland Matters, the number of COVID-19 fatalities in the state was not recorded for nearly the whole month of December. The state was unable to issue death certificates for about two weeks. In speaking with health authorities and union members about the attack, the outlet learned that some HIV-positive persons could no longer get their daily medication and that some hospitals could not access bank accounts to meet the cost of basic requirements.

After visiting the Springfield Hospital Center, State Senator Katie Fry Hester informed that authorities had restored access to high-profile, public-facing tools, but “the stuff behind the scenes that the healthcare workers need to actually do their jobs are still down.” According to other health authorities, many of the state’s smaller hospitals have been forced to return to paper records. Critical databases for infectious illnesses, lab results, and other information are still unavailable.

In a statement, Atif Chaudhry, deputy secretary for operations at the Maryland Department of Health, said the state has a continuity plan in place for instances like these. Officials emphasized mission-critical and life-safety services. At the same time, they worked around the ransomware attack, employing Google Workspaces to “ensure that they can serve the public’s most urgent needs right now and resume their standard level of full service.”

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.


Share on facebook
Share on twitter
Share on linkedin