Kettering Health bringing certain systems back up as tech outage continues

Radiation oncology back to treating patients, hospital says
Kettering Health is seeing progress in coming back online after a cyberattack last week led to a system-wide technology outage. Its radiation oncology department has been able to get its linear accelerators, which are the medical devices that conduct the radiation therapy, back up and running, the hospital organization said in a post on social media. STAFF FILE

Credit: Dana Zechar

Credit: Dana Zechar

Kettering Health is seeing progress in coming back online after a cyberattack last week led to a system-wide technology outage. Its radiation oncology department has been able to get its linear accelerators, which are the medical devices that conduct the radiation therapy, back up and running, the hospital organization said in a post on social media. STAFF FILE

As the ongoing technology outage at Kettering Health continues, the hospital organization is seeing progress getting its systems back up online and more quickly compared to industry standards, the organization says.

Kettering Health has been able to start using its radiation oncology equipment called linear accelerators again, according to a video Kettering Health posted on social media.

“We are now treating patients who had active radiotherapy again,” Dr. Anthony Paravati, chief of radiation oncology at Kettering Health, said in a video posted to social media.

Kettering Health is reminding all of its patients they should come to their scheduled appointments or surgeries unless one of its clinical teams calls to reschedule.

‘I’m trusting that things will be okay’

Other patients who had appointments canceled are waiting to find out when they will be able to see their doctors again.

Kettering Health patient David Foubert, of Yellow Springs, was scheduled to receive a lung biopsy on May 20, the same day the ransomware attack was discovered by the network.

Foubert’s pulmonologist called him that day to let him know his appointment was canceled.

“I was informed somebody would get back to me in the next couple of days or so to reschedule,” Foubert said Sunday.

Five days on, that call has yet to come, he said.

In the week prior to May 20, Foubert, 82, underwent a CAT scan to check on a nodule in his lower right lung, a lump that had been there for years but had recently shown signs of growth.

“One of the doctors said it could just be fungus, or it could be cancer,” Foubert said.

As he waits to hear back from his doctor’s office, Foubert looks forward to getting the biopsy out of the way and any potential treatment kickstarted.

“I’m not in a panic or anything like that; I just want to get it done and over with because if it’s cancer, I’ll have to wait however long after the biopsy itself to get it taken out,” he said. “So, you just sit and wait and hope for the best ... It’s a ‘let go and let God’ sort of situation.”

Despite the uncertainty, Foubert said he doesn’t plan to seek care through another medical network.

“I’m not sure that I’d like to really start over,” he said. “Plus, I’ve got a good pulmonologist and a fantastic medical oncologist, and I’m trusting that things will be okay and that they’ll get it taken care of.”

Hospitals vulnerable to cyber threats

The hospital system confirmed on Friday it believes the attack was a ransomware attack, but administrators said they had no direct contact with the perpetrators.

“These are basically like almost like business organizations,” JP Castellanos, director of threat intelligence at Binary Defense, a cybersecurity company in northeast Ohio, said about ransomware groups.

“You could go to these ransomware groups, you can basically pay for their services, and they will go ahead, and they will conduct the attacks for you. And then, they’ll get a cut of that attack,” he said.

Hospitals are also particularly vulnerable to cyberattacks.

“Hospital companies have a very vast, what we call, an attack surface. They have a lot of outdated and unpatched systems. A lot of them are running on Windows 7 or very legacy systems, so they’re vulnerable,” Castellanos said.

A perpetrator could compromise a system through an exploitive vulnerability like an old computer system that hasn’t been updated in years and hasn’t received security updates, he said.

“That’s how they’re able to get into these hospitals and conduct their attacks,” Castellanos said.

Perpetrators could also compromise the system of a third-party vendor to gain access to the hospital system that way, he said.

Kettering Health has 14 area medical centers and more than 120 outpatient locations throughout Western Ohio, as well as Kettering Physician Network, which includes more than 700 board-certified providers.