Authors: Rinat Gabbay-Benziv, Merav Ben-Natan, Ariel Roguin, Benyamine Abbou, Anna Ofir, Adi Klein, Dikla Dahan-Shriki, Mordechai Hallak, Boris Kessel, Mickey Dudkiewicz

Abstract:

Introduction: Over recent decades, technology has become integral to healthcare, with electronic health records and advanced medical equipment now standard. However, this reliance has made healthcare systems increasingly vulnerable to ransomware attacks. On October 13, 2021, Hillel Yaffe Medical Center experienced a severe ransomware attack that disrupted all IT systems, including electronic health records, laboratory services, and staff communications. The attack, carried out by the group DeepBlueMagic, utilized advanced encryption to lock the hospital's systems and demanded a ransom. This incident caused significant operational and patient care challenges, particularly impacting the obstetrics department. Objective: The objective is to describe the challenges facing the obstetric division following a cyberattack and discuss ways of preparing for and overcoming another one. Methods: A retrospective descriptive study was conducted in a mid-sized medical center. Division activities, including the number of deliveries, cesarean sections, emergency room visits, admissions, maternal-fetal medicine department occupancy, and ambulatory encounters, from 2 weeks before the attack to 8 weeks following it (a total of 11 weeks), were compared with the retrospective period in 2019 (pre-COVID-19). In addition, we present the challenges and adaptation measures taken at the division and hospital levels leading up to the resumption of full division activity. Results: On the day of the cyberattack, critical decisions were made. The media announced the event, calling on patients not to come to our hospital. Also, all elective activities other than cesarean deliveries were stopped. The number of deliveries, admissions, and both emergency room and ambulatory clinic visits decreased by 5%–10% overall for 11 weeks, reflecting the decrease in division activity. Nevertheless, in all stations, there were sufficient activities and adaptation measures to ensure patient safety, decision-making, and workflow of patients were accounted for. Conclusions: The risk of ransomware cyberattacks is growing. Healthcare systems at all levels should recognize this threat and have protocols for dealing with them once they occur.

Keywords: ransomware attack, healthcare cybersecurity, obstetrics challenges, IT system disruption

Procedia PDF Downloads 0