Kettering (Ohio) Health empowered employees to innovate its response to a recent cyberattack rather than relying on a typical command-and-control structure, the Dayton (Ohio) Business Journal reported.
The 14-hospital system was struck by ransomware May 20, resuming normal operations June 10.
“This was not the type of response that you can coordinate,” Kettering Health CEO Michael Gentry said at a forum covered by the Business Journal. “The reason we were able to stand back up at the rate of time we were is that people came forward with solutions, and we let those solutions roll, and we benefited from that enormously.”
Mr. Gentry recalled in the June 13 story how he first found out something was amiss.
“We were sitting in a meeting, and our CIO was sitting across the room from me,” he said at the forum. “He pulled me aside and he said, ‘Hey, dude, we just had 2 million log-on attempts in the last couple of minutes.’ And then we got a call from Homeland Security.”
All 600 of Kettering Health’s digital applications were shut down, forcing employees to turn to paper records, cellphones and walkie-talkies, according to the story. Nearby health systems such as Dayton-based Premier Health Partners and Dayton Children’s stepped up to take on Kettering Health patients.
Ransomware group Interlock claimed responsibility for the attack, in which more than 730,000 files may have been compromised, the publication reported.
“There’s a lot of energy from some countries in this world to harm the U.S, and so Kettering Health is a byproduct of a much larger strategy,” Mr. Gentry said at the forum.
