INDIANAPOLIS — Ascension St. Vincent continues to recover after becoming the latest victim in a cyberattack.
As of Friday afternoon, systems remain down, and the hospitals are diverting emergency medical services.
"I think this is only going to get worse before it gets better," said John Boomershine, VP of security and compliance with BlackInk IT in Indianapolis.
Boomershine says cyberattacks are becoming more prevalent.
In fact, they're on the rise.
Last Wednesday, officials at Ascension St. Vincent detected "unusual activity on select technology network systems."
A spokesperson told 13News some phones and systems for certain tests, procedures and medications are down.
"Going to pen and paper is the only way they have to do it," Boomershine said. "When you immediately go offline like that or you have to shut systems down quickly, getting to those paper records to understand the history of care."
Ascension St. Vincent is working to resolve the issues to regain access to things like electronic health records and to remove a temporary pause on some non-emergent elective procedures.
Boomershine said cyber criminals are becoming more clever.
"Most cyber events don't happen the day after a threat actor gets in a network. They lay and wait. They gather intelligence. They move laterally through the systems," Boomershine said.
The cyber criminals are going after patient's personal information and threatening a hospital network to put that information on the dark web in exchange for money.
"That personally identifiable information, or PII, is all threat actors need to really begin to go after and monetize," Boomershine said.
Boomershine said that includes your home address, phone number, social security number and insurance card.
While the scale of the Ascension attack is unclear, recovery may not be quick.
"If you think about hospitals and the thousands of people that have tens of thousands of systems and computers, it's really not conceivable or doable that they would just burn everything down and restart. So you have to go through that investigation to understand the scale of the events. How deep into each system do they go to make a determination on how you restore the systems to get back to a safe footing?" Boomershine said. "If you think about it on a personal level, if something got into your computer, how would you know it's gone? Well, in many cases, the safest way is to delete everything and reformat it and start over."
That leaves hospital staff and patients in limbo as security continues to weed out cyber criminals who target health care institutions.