In a filing on Thursday with the U.S. Securities and Exchange Commission (SEC), UnitedHealth asserted that it had identified a "suspected nation-state-associated" actor behind the attack. According to a February 26 report by the Health Information Sharing and Analysis Center (Health-ISAC), UHG claimed to have contained the incident and that customers and partners would not need to disconnect from the network.
Despite these assurances, there are concerns that this latest cyberattack against an American healthcare entity may not be over and may not be limited to just one company. According to cyber intelligence firm RedSense, more health-related organizations are likely to be compromised by the same tactic used to undermine Change’s systems. “We would expect to see additional victims in the coming days,” according to the RedSense report.
While it is uncertain at this time the extent to which the breach of Change’s systems will affect downstream processes for the healthcare industry as a whole, the American Hospital Association (AHA) did release the following cautionary statement:
Due to the sector wide presence and the concentration of mission critical services provided by Optum, the reported interruption could have significant cascading and disruptive effects on revenue cycle, certain health care technologies and clinical authorizations provided by Optum across the health care sector.
We want to assure our clients that we are taking preventative measures to defend against this and other potential assaults against our mission-critical systems. Protecting patient information and other sensitive data is among our top priorities at Coronis Healthcare. We are blocking known malicious IP addresses and other tools used in this attack. Our Information Security team is also working with our Managed Detection and Response vendors to perform proactive threat hunting against our systems to check for Indicators of Compromise. We also confirmed with our Managed Service Providers that they are not running vulnerable systems associated with this attack vector.
We will continue to investigate how the cyber-attack against Optum's Change Healthcare may impact our clients. As we get more information, we will provide further updates.