Attacked by ransomware: The hospital network brought to a standstill by cybercriminals

In October 2022, the second-largest nonprofit healthcare system in the US, CommonSpirit Health, was hit with a crippling ransomware attack. Kelsay Irby works as an ER nurse at a CommonSpirit hospital in Washington. She arrived at work after the malware had spread through the hospital network to chaos: systems were down, computers were running slowly or not at all, labs weren’t returning results, and nurses were charting vitals on pen and paper. Even basic things like knowing what medications patients were on or why they came into the emergency room were a challenge, putting lives at risk. The hospital’s nurses and doctors scrambled to manage this crisis for over two weeks until CommonSpirit Health was able to restore access to the IT network

“It was just kind of this perfect storm of very sick patients, not enough help, everybody was super frustrated,” Irby says, “My biggest fear during the whole cyberattack was that a patient was going to suffer because we couldn’t access the technology.”

GZERO spoke with Irby about her experience during the ransomware attack, as well as cybersecurity expert Mora Durante Astrada from Zurich Insurance Group for the final episode of “Caught in the Digital Crosshairs: The Human Impact of Cyberattacks,” a new video series on cybersecurity produced by GZERO in partnership with Microsoft and the CyberPeace Institute. Astrada volunteers for the Institute and its CyberPeace Builders Program, which provides free cybersecurity assistance, threat detection, and analysis to NGOs and other critical sectors while advocating for safety and security in cyberspace.