How Ransomware Fallout Is Rippling Through the US Health Care System

An ALPHV/Blackcat ransomware attack on Change Healthcare is wreaking havoc for patients and hospitals.
March 7, 2024
Read the full article in InformationWeek here:
Health-ISAC mention:
“I think the longer it goes, the more we’re going to find out about how the other systems will probably break. We’ll have more inconveniences for the patient, and then again at the bigger level macro level, I think we’re going to see more hospitals having financial issues because of the inability to be paid,” says Errol Weiss, chief security officer at Health-ISAC (Information Sharing and Analysis Center), a cyber threat intelligence sharing nonprofit.
This attack should serve as an awakening regarding the interconnectedness and complexity that exists in the US health care system, according to Weiss. “We as a sector, we as a society here in the US, need to do a better job of identifying these critical interdependencies,” he tells InformationWeek.
With workarounds in place, Change Healthcare has been able to process 3 million pharmacy transactions, with more being done each day, according to UHG’s updates page. On the claims side, it is up to 90% flow.
While the health care industry is still reeling from the fallout, it is unclear how exactly the attack was carried out. Security researchers have pointed to the ConnectWise ScreenConnect vulnerabilities exploited earlier this month. Health-ISAC shared in a Feb. 26 bulletin that cyber intelligence company RedSense identified Change Healthcare as a victim of the CVE-2024-1708 and CVE-2024-1709 vulnerabilities. On Feb. 27, ConnectWise published a statement stating it “is unaware of any confirmed connection between the ScreenConnect vulnerability disclosed on February 19th, 2024, and the incident at Change Healthcare.”
- Related Resources & News
- Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
- New Cybersecurity Policies Could Protect Patient Health Data
- CyberWire Podcast: PHP flaw sparks global attack wave
- Health-ISAC Hacking Healthcare 3-14-2025
- HSCC Aiming to Identify Healthcare Workflow Chokepoints
- New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
- Are Efforts to Help Secure Rural Hospitals Doing Any Good?
- CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
- 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
- Cobalt Strike takedown effort cuts cracked versions by 80%