Follow us

Springhill medical center under Cyberattack, deprives mother of her child

The mother claims that her 9-year-old, Nicko Silar, was put to eternal rest due to the failure of electronic devices under a ransomware attack

Updated: October 15, 2021 By Ozair Malik

Hospital Corridor with stretcher and doctors roaming around

Image source − shutterstock.com

Amid a ransomware attack, the Spring Medical Center was held responsible by an Alabama mother, Teiranni Kidd, for her daughter's death.

Reputedly, then a failure in the electronic devices due to the Cyberattack, the doctors could not adequately monitor the child's health during delivery.

Nicko Silar was killed due to these unfortunate events, though the hospital still stays in denial. At the same time, the suit clearly stated that the computer systems had been crippled by a cyberattack, which later resulted in reduced care that resulted in the infant's death.

The lawsuit

The lawsuit, first reported in The Wall Street Journal on Thursday, was initially filed in 2019 in Mobile County; at that moment, the infant Nicko was still alive.

The lawsuit raises the question of malpractice, seeks an unspecified amount of money from the hospital. In contrast, the staff and the doctors at the said hospital remain under the statement that the severity of the Cyberattack was not made public; had it been the case, the kid would have still been among us.

Springhill's statement

Had the news of the cyberattack on Springhill had been made public, Teiranni Kidd would have had gone to another hospital for her check-up and delivery,

Said Dr. Katelyn Braswell Parnell, the one responsible for Nicko Silar's birth.

Whereas all the accusations have been denied by the hospital, consequently asking the judge to dismiss the most severe part of the lawsuit filed, this withstands the officials conspired to publicly create an "erroneous, deceptive and evasive narrative" about the Cyberattack in the intrigue that made the child's birth unsafe.

The hospital further argued that under no Alabama law did the hospital have any legal duty towards Kid to provide the details of the said Cyberattack. It is further taken under notice that Parnell, the doctor responsible for the delivery, was fully aware of the problem; the inaccessibility of the relevant systems.

On the other hand, Parnell and her medical staff, Bay Area Physicians for Women, deny anything that caused Nicko injuries and death.

WKRG-TV reported that Springhill had just released a public statement about the Cyberattack the day before the delivery of Nicko and had declared.

Staff has continued to care for our patients safely and will continue to provide the high quality of service that our patients deserve and expect.

German hospital hacked

Duesseldorf University Clinic's systems had been disrupted; the hospital said investigators had found that the cause of the mess was a hacker attack on the "widely used commercial add-on software".

As a result, systems moderately crashed, and the data wasn't accessible; emergency patients were taken elsewhere, and operations were postponed. It is reported by the hospital that there was no ransom demand whatsoever and that there were was no indications that the data was irretrievably lost.

A state's justice minister report said that 30 servers at the hospital were encrypted last week, and an extortion note was left on one of the servers. The said note was not addressed directly to the hospital but to the Heinrich Heine University, affiliated with the hospital.

The perpetrators were made aware that the hospital had been affected and not the university by the police. The perpetrators then provided a digital key to decrypt the data, and the extortion attempt had been withdrawn, which was no longer reachable.

An investigation was launched against the unknown perpetrators. Patient in a life-threatening situation had to be taken to the hospital that night had to re-route to another hospital.

It had taken long enough for the patient to reach the next hospital located 32-kilometers away. Consequently, the patient was not treated on time and died.

Hitting the most vulnerable

Medical organizations make an enticing target when it comes to the rise in cyberattacks. Many of thousands of locations that operate on a combination of wired and wireless networks are linked to massive health care systems.

Once a network is infiltrated via something like a phishing email, hackers can move between geographic sites. Hackers scan the global network for vulnerable systems to prey; they take the information and sometimes don't even know they've breached a hospital's network. Hence, most of these offenses occur like this.

Though it does come with downsides, these breaches succeeded by taking the help of the industry's digital push over the past two decades. Still, this ongoing evolution of technology has advanced the doctors and health care workers to provide better assistance to the patients and give enhanced treatments in critical situations.

These attacks can either be targeted to avenge situations through different country-based conflicts. No matter how bad and inhuman this may sound, people are taking such measures in the name of revenge, putting innocent lives at risk without regrets and any problems.

Such cyberattacks may have been precise, not taking lives, simply targeting to breach the data for the market, but now they have come to a place where they are causing mothers to lose children and vice versa. We see this inhuman face of the society that people's lives of the innocent aren't considered, and both the government and hospitals are held responsible for this.

Health care's risky digital revolution

This shift towards technology has led the world into a more straightforward and smooth-running process. Still, we beg to differ regarding the effects it has started to have on our community through cyberattacks.

When the new devices are launched on the same old systems that lack to secure the system's firewall to make it safe and keep the sensitive information hidden, the health sectors start to lack, resulting in this Cyberattack, putting innocent lives on the line.

These outdated systems and operating systems have allowed the ransomware to exploit specific vulnerabilities, shutting down machines and creating problems in the data.

Between 40 to 60 percent of the health sector ignores the need to update their technology; they forget to consider how the patients are affected because these failures happen during hacks and become vulnerable.

Giving it all out to the attacker being unable to protect themselves can also be because health departments already have a lot on their plate; negligence towards technological aspects is bound to happen in that scenario.

To overcome these problems, proper IT departments in the hospital should run necessary technology-related tests, keeping the attackers away from the sensitive data.

Long overdue investments

The medical sector's lack of preparedness for such cybercrimes is another alert, indicating a more significant crisis. With the current situations and rising pandemics, it is high time to be paying attention and money to solve these issues and be prepared beforehand other than waiting for things like this to happen and then be taken into consideration.

Conclusion

There are both low-tech and high-tech proposals to tackle the rise in cybercrimes in the health sector, but to reach them, we must be prepared; we need to make preparations today to be ready for the crisis that's coming tomorrow.

Tags: 
News
Author
Ozair Malik
A passionate Cyber Security researcher and writer with a keen interest in Digital Forensics. A community worker running a insta blog to raise cybersecurity awareness among laymen.

Leave a comment

click to select