A cyberattack has impacted a community hospital and its affiliated clinics in rural Idaho, leading to the diversion of ambulances and patients to other facilities. The incident, discovered on Monday, affects Mountain View Hospital, Idaho Falls Community Hospital, and partnering clinics in the area. The hospitals have resorted to using paper for patient charting as their electronic systems have been taken offline.
This attack sheds light on the significant cybersecurity challenges faced by small and rural hospitals, which often lack the necessary resources and expertise to adequately protect their environments. The cyber incident has resulted in Idaho Falls Community Hospital diverting ambulances to other hospitals, while partnering clinics are limiting certain patient services.
Mountain View RediCare, one of the affected clinics, has temporarily closed due to the cyberattack. Patient safety remains the top priority for the hospitals as they work to address the incident, which has forced them to rely on manual processes.
According to security firm Emsisoft, this attack is part of a larger trend impacting the healthcare sector. In 2023 alone, 15 healthcare systems operating 29 hospitals have experienced ransomware incidents, with data theft occurring in 12 of those cases. The vulnerabilities faced by small and rural hospitals are particularly concerning, as they often struggle with limited staff and resources to address their cybersecurity needs.
Recognizing the urgent need for cybersecurity support in rural hospitals, Congress has introduced the bipartisan Rural Hospital Cybersecurity Enhancement Act. The proposed legislation aims to address the shortage of cybersecurity skills in rural areas by requiring the development of comprehensive cybersecurity workforce strategies for healthcare facilities.
However, the bill’s success in solving the cybersecurity workforce shortage remains uncertain, as the political will to pass it through both chambers remains a key consideration.
