By REBECCA RUTHERFORD
Los Alamos
For the Los Alamos Daily Post
Nobody likes going to the hospital, but what if you became seriously ill or injured and the hospital had to turn you away at the door?
That’s exactly what happened at University Medical System (UMC) in Lubbock, Texas after they recently suffered a ransomware attack and had to divert incoming patients to other hospitals.
What is ransomware?
Ransomware is a malicious software designed to block access to computer systems until a sum of money is paid. The first documented ransomware attack occurred in 1989 when attendees of the World Health Organization’s AIDS conference were mailed floppy disks purporting to be a survey.
The floppy disks actually contained ransomware which locked down the recipients computers and demanded $175 be mailed to a PO box in Panama to release them.
Since then things have progressed, and most ransomware attacks come in the form of system compromise via phishing or other attacks, and ransom demands have increased exponentially.
Hospitals and other healthcare providers are huge targets for these attacks, because they are critical infrastructure that cannot afford downtime with lives on the line. These attacks have been increasing since COVID-19, with estimates from the U.S. Director of National Intelligence showing that in 2022 there were 214 healthcare facilities worldwide that suffered ransomware attacks, compared to 389 in 2023.
So what happened at UMC Lubbock?
Thursday, Sept. 26, about 10 a.m. UMC confirmed an IT outage and began “local and regional diversion” of emergency and non-emergency patients. They remained open, but noted they were experiencing phone outages, and that they were unable to access messages via the patient portal. Details as to the actual attack methods have not been released.
The healthcare system later confirmed that they had disconnected their IT systems due to a ransomware attack. They have enlisted third party experts to assist with recovery. There is no current timeline for full restoration of services. UMC is a level 1 trauma center, and is the only one within 400 miles of the area.
“This is a national security issue,” said John Riggi, National Advisor for Cybersecurity and Risk at the American Hospital Association in Washington, D.C. Prior to joining the AHA, Riggi worked for the FBI for nearly 30 years.
“When hospitals are attacked, lives are threatened,” Riggi said. “When you have the only level 1 trauma center in the region shut down by foreign bad guys, ambulances on diversion, the next level 1 trauma center I understand is hundreds of miles away, you are putting people’s lives in jeopardy.” According to Riggi, these ransomware attacks are primarily perpetrated by foreign based criminal gangs.
For now UMC remains a hospital under attack, and has been asking patients to check a new website they have set up for updates as they work towards recovery. The cost in dollars will likely count into the millions, and as to the human cost, who knows. Hospitals are among our most critical and vulnerable assets, and it is becoming increasingly clear they need to be protected as such. Stay safe online, and be aware that services you take for granted today could be taken out by a cyber attack tomorrow.
Editor’s note: Rebecca Rutherford works in information technology at Los Alamos National Laboratory.



































