St. Lawrence Health System starting to reboot information system after Tuesday morning cyber attack
POTSDAM — A cyber attack caused the St. Lawrence Health System to shut down its network and information systems this morning (Tuesday, Oct. 27).
“St. Lawrence Health System detected an information technology security incident related to operations at its Canton-Potsdam, Gouverneur, and Massena Hospitals in the early morning hours of October 27, 2020. As a result, the Health System’s Information Systems (IS) department disconnected all systems and shut down the affected network to prevent further propagation,” said a press release from the organization late Tuesday.These locations are utilizing their established back-up processes including offline documentation methods. Patient care continues to be delivered safely and effectively, SLHS said.
According to the organization, the virus has been identified as a new variant of Ryuk ransomware previously unknown to antivirus software providers and security agencies.
The Health System’s investigation teams immediately provided the FBI, Department of Homeland Security, and other authorities with all the information they required and very quickly made the signature of this Ryuk strain available to the Health System’s anti-virus service providers, the press release said.
“We implement extensive IS Security controls, measures, and procedures, and are working diligently with our IS Security partners to restore IT operations as quickly as possible," said Chief Information Officer Lyndon Allen.”
SLHS said the cyberattack was only launched hours before it was detected.
“The security measures implemented immediately made it possible to contain the virus and protect our patients and staff," added Allen.
The organization said that at this stage, no patient or employee data appears to have been accessed, copied, or otherwise compromised.
Having analyzed the attack and established a mitigation and remediation plan, the Health System is starting to reboot its information systems and operations progressively and securely, starting today, the press release said.