Maryland Chief Information Security Officer Chip Stewart on Wednesday confirmed the state’s Department of Health ransomware attack.
Stewart explained that the Department of Health team noticed a server malfunction on December 4. Later, the IT security team informed Stewart that it could possibly be a ransomware attack.
Referring to the response plan taken, Stewart said: “MDH took immediate containment action by isolating their sites on the network from one another, external parties, the Internet, and other State networks. As a result of this containment approach, some services were rendered unavailable and some remain offline today. I want to be clear: this was our decision and a deliberate one, and it was the cautious and responsible thing to do for threat isolation and mitigation,”
Stewart defended his decision to keep some services offline, pointing out that he has seen cases where organizations reconstitute services too quickly.
For weeks, the department was unable to publish COVID-19 case figures, as the Omicron variant continues to wreak havoc in all states.
Although this service has returned, health officials will now have to calculate the COVID-19 statistics by hand.
For more information, read the original story in ZDNet.