Awareness : Newsletter Articles

Alabama Health System Briefly Shuts Down after Ransomware Attack

Last Fall, an Alabama based health system became the target of a ransomware attack that severely interrupted operations at three hospitals. The hospitals were forced to use paper records to track patient data in place of their electronic health records and eventually shut down non-emergency operations for almost two weeks. The health system paid the hackers an undisclosed amount in order to obtain the decryption key. The attack was investigated by law enforcement and the health system worked with a private IT security company to restore its systems.

Ransomware attacks work by encrypting electronic file systems and holding them hostage. Hackers then demand ransom payment(s) in order to provide the correct decryption key, which converts the data that was encrypted by the attack into its original form. Ransomware attacks on entities like hospitals have become one of the highest security issues in the country.

Cybersecurity firm Emsisoft released a report this month stating that in the first nine months of 2019, at least 621 “government entities, health care service providers and school districts, colleges and universities” have been affected by ransomware attacks – 491 of the reported attacks were on health care providers. According to the Ponemon Institute’s 2019 report the average lifecycle caused by a malicious attack is 314 days. A lifecycle longer than 200 days is 37 percent more expensive on average. For example, the Emisoft report indicated that earlier this year, the city of Baltimore was hit by a ransomware attack that, “… caused widespread disruption to service delivery, with property transactions, and tax and water billing all being delayed. Recovery costs have been estimated at $18.2 million.”

In early October, the FBI issued a warning concerning the “high-impact” these types of attacks can have on businesses and organizations. Ransomware attacks are becoming more sophisticated and hackers are demanding larger payouts.

Here are some useful tips to help prevent against these sorts of attacks:

  • Question unsolicited email communications – if you receive an unexpected email that sounds suspicious, contact the alleged sender to ensure they are the one who sent it.
  • Never click on links or open files that appear odd or are from an unknown source; visit websites directly to verify authenticity.
  • DO NOT forward and DO NOT reply to spam or junk email.
  • Install the latest software and/or updates on all of your devices (desktops, laptops, portable devices, smart phones, tablets, etc.).
  • Encrypt all portable devices storing University data (Laptops, USB, SD, microSD, etc.).
  • Utilize strong passwords to protect your computers and smart phones and do not share them or post them anywhere easily accessible.

The best sort of protection against these types of attacks is awareness and education. We urge you to please remain vigilant and always report anything that may seem suspicious.

For further information please contact the UHealth Privacy Office at 305-243-5000 or For assistance with security safeguards and device encryption, contact UHealth IT’s Help Desk at 305-243-5999 or