The FBI is actively working with Norton Healthcare to determine the scope of an ongoing cyberattack, as the Louisville, Kentucky, health network works to recover a number of patient care systems.
On May 9, the information services team discovered suspicious network activity and deployed defensive measures. While data extortion and ransomware were not mentioned, the team also received a fax “containing threats and demands,” a common tactic used by threat groups.
At the time of the fax, the network remained operational. Norton Healthcare officials stressed that the systems were proactively brought down in a controlled fashion: “at no point did an external force take control of or shut down our network.”
The information services team was able to thwart the impact of the attack and keep the network within their control. But with the network offline, clinicians are leveraging manual and paper processes to maintain services. All Norton Healthcare facilities remain open for all patient care.
However, the outage has caused long wait times for both phone calls and in-person patient visits, as well as “delays in network-related capabilities,” including imaging, lab and test results, prescription refills, and the Norton MyChart patient messaging platform.