Maryland Dept. of Health Responds to Ransomware Attack
An attack discovered on Dec. 4, 2021 forced the Maryland Department of Health to take some of its systems offline.
A cyberattack affecting the Maryland Department of Health (MDH) has been confirmed a ransomware attack, the Depts. Of Health and Information Technology confirmed this week.
The attack, first described as a "network security incident," was detected on Dec. 4, 2021. It took the MDH website offline and led to the removal of resources such as the pages people can access to apply for Medicaid or learn more about local nursing home safety. The incident also disrupted the state's reporting of COVID-19 data.
Maryland CISO Chip Stewart released a statement on Jan. 12 to say while an investigation is still ongoing, officials can confirm it was a ransomware attack. MDH was able to isolate and contain its systems within hours of first detecting it, he said. At the time of publishing, officials had not identified any evidence of the unauthorized access to, or acquisition of, State data, he noted.
As part of the containment process, MDH isolated its websites on the network from one another, external parties, the Internet, and other State networks, Stewart said. Due to this approach, some services became unavailable, and some are still offline.
"I want to be clear: this was our decision and a deliberate one, and it was the cautious and responsible thing to do for threat isolation and mitigation," he wrote in a statement. Often after a security incident, there can be pressure to quickly reconstitute services, Stewart added. "We are recovering with deliberate action to minimize the likelihood of reinfection," he said.
Read Stewart's full breach disclosure for more information.
About the Author
You May Also Like
How to Evaluate Hybrid-Cloud Network Policies and Enhance Security
September 18, 2024DORA and PCI DSS 4.0: Scale Your Mainframe Security Strategy Among Evolving Regulations
September 26, 2024Harnessing the Power of Automation to Boost Enterprise Cybersecurity
October 3, 202410 Emerging Vulnerabilities Every Enterprise Should Know
October 30, 2024
State of AI in Cybersecurity: Beyond the Hype
October 30, 2024[Virtual Event] The Essential Guide to Cloud Management
October 17, 2024Black Hat Europe - December 9-12 - Learn More
December 10, 2024SecTor - Canada's IT Security Conference Oct 22-24 - Learn More
October 22, 2024