Last October 28, cybercriminals attacked computer systems at the University of Vermont Medical Center in Burlington. Clinicians were unable to retrieve patients' medical records and, over the next few weeks, hundreds of cancer patients arriving for chemotherapy infusions had to be turned away, according to staff at the hospital. It took nearly a month to restore access to computer files, and full recovery from the hack was expected to take many months more.

The Vermont hospital was one of a dozen health care facilities in the United States, including in California, New York, and Oregon, attacked at the same time. According to Reuters, the perpetrators are believed to be Russian and Eastern European criminals intent on disrupting health care systems to cause operational chaos and force administrators to meet ransom demands. Another goal, according to security experts, is to steal patients' personal data for identity fraud schemes.

A month earlier, hackers had held Universal Health Services, a network of more than 400 hospitals and mental health facilities in the United States and Britain, hostage to ransom demands. At the time, it was considered to be the largest cyberattack on medical facilities.

Because of the wealth of personal data stored in hospital computer systems, they are frequent targets of hackers, though most are unsuccessful. A ransomware attack, however, is designed to cripple hospital operations by preventing staff from accessing computer-based services such as data storage and interdepartmental communications, thereby blocking clinicians from obtaining critical patient care information such as medication regimens. Clinicians report resorting to pen and paper calculations while aiming to reconstruct patients' medical details from older paper records and, even, memory.

The FBI, which is investigating these cybercrimes, estimates that in 2018 and 2019 when ransom demands hovered around $5,000, hackers collected more than $61 million from such incursions. Ransom demands now average $200,000, authorities say. Once paid, the hackers remove the encryption software locking the data, although, as in the Vermont hospital's experience, subtler damage to computer systems from the malicious software may take months to repair.-Frank Brodhead