ECMC still recovering from cyberattack

Posted at 11:42 AM, May 19, 2017
and last updated 2017-05-19 18:50:17-04

In early April, the Erie County Medical Center's computer system faced a cyberattack from ransomware which freezes access to computers until money is paid.

At the time, ECMC shut down its computer network and implemented a backup plan, that was developed in case of a massive power outage, where staff switched to using paper files in order to keep operations under way.  ECMC officials felt no patient information was compromised but admitted that having to use the paper system did slow down hospital operations.

So how has the hospital recovered since then?  

ECMC President and CEO Tom Quatroche said the hospital was able to restore its system from backup tapes, but it was a labor intensive and slow process.  Right now, clinical computer systems are back up.  However, Quatroche said ECMC's computer system is not fully interconnected until more work is finished making it "hardened" against future attacks - a process that should be completed soon.

Quatroche confirmed that ECMC was hit by ransomware that was trying to hold the hospital hostage for tens-of-thousands of dollars.  The computer virus was able to get inbetween the main computers and an online backup system.  

The computer virus that attacked ECMC in April was not the "WannaCry" virus that recently caused problems across the globe.

ECMC does not believe any patient or worker information was compromised.

7 Eyewitness News Reporter Ed Reilly talked with Tom Quatroche and has more in his reports.

Since the ECMC cyberattack, the WannaCry virus cyberattack made global news after it forced computer systems worldwide in over 150 countries to stop operating until a ransom was paid in Bitcoin currency.  It is estimated that about $100,000 has been paid out in ransom to WannaCry which infected more than 230,000 computers.

WannaCry was the biggest virus attack in history and was stopped when a web security researcher discovered a kill switched.  The virus targeted computers running the Microsoft Windows operating system - especially older unsupported systems such as Windows XP and Windows Server 2003.

Microsoft immediately offered new updates, even for older unsupported systems, to close a flaw in the computer code that was exploited by WannaCry.

You can find out more information from Microsoft at the following link:https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx

In light of WannaCry, there is speculation from respected cybersecurity firms Symantec and Kaspersky Labs that North Korea may have been behind the attack.

Officials worry that there could be even more destructive "copy-cats" that will pick up where WannaCry left off.

In the attached video clip, 7 Eyewitness News Reporter Ed Reilly has an interesting and insightful conversation about ransomware with Arun Vishwanath.  Arun is an Associate Professor of Communications at the University at Buffalo.  He is also a cybersecurity expert who worked with government agencies in Washington, D.C.