The University of Maryland Medical System discovered on December 9, 2018, that an unauthorized person installed a malware on its computer system. Thanks to the quick action of the UMMS IT team, the infected computers were isolated before serious harm was caused.
UMMS senior VP and chief information officer, Jon P. Burns, issued a statement saying that the majority of the malware-infected devices were desktop computers. The fast response of the IT staff made it possible to quarantine the infected computers very quickly. There was no file encrypted and medical services were not affected by the attack.
The malware was detected at 4:30 a.m and by 7 a.m., the IT department had taken its systems offline and has quarantined the affected devices. On the following day, most of its systems were restored and were completely functional.
The incident illustrates how crucial it is for healthcare institutions to have a tested incident response plan that can be implemented immediately in the event of a security breach such as a malware attack.
UMMS operates more than 150 medical facilities and has more than 27,000 computers. If UMMS did not have a breach response plan, the malware attack could have seriously affected medical services and had a negative impact on patients.
At this time, UMMS believes that no medical records or patient information were compromised. The investigation into the malware attack is still ongoing. It is not yet known how the malware was downloaded onto its computers. UMMS is being assisted by computer forensics specialists and when the cause of the attack is known, additional safeguards will be implemented.