IT Brief US - Technology news for CIOs & IT decision-makers
United States
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Offensive Security
#
Critical Infrastructure
#
Cyber warfare

Ransomware hits Kettering Health: Experts speak out

Today
Author image
By Kaleah Salmon, Journalist

A major ransomware attack has struck Kettering Health, a nonprofit network operating 14 medical centres and more than 120 outpatient facilities in Ohio, causing a significant outage across its digital and communications infrastructure. The breach, believed to be the work of the Interlock ransomware group, has led to the suspension of all elective inpatient and outpatient procedures and widespread disruption to administrative systems, including call centres. Emergency departments reportedly remain open, but patients and staff throughout the network are struggling to manage the fallout from the cyberattack.

The ransomware gang has threatened to leak stolen sensitive data unless their demands are met. While Kettering Health has not confirmed the exact nature of the data accessed, it has acknowledged that scammers pretending to be employees have contacted patients to request credit card information, raising further concerns over the misuse and exposure of confidential patient data.

The incident is the latest in a wave of ransomware attacks targeting critical healthcare infrastructure in the United States. In 2023, the healthcare sector led all other critical infrastructure sectors in reported ransomware incidents, highlighting systemic vulnerabilities in an industry responsible for safeguarding millions of sensitive records and life-sustaining operations. Recent high-profile breaches of major providers such as Ascension and UnitedHealth Group have underscored the direct consequences these attacks can have on patient care and safety, with delays to diagnostics, essential treatments, and emergency response capabilities.

Security experts agree that the implications of such attacks extend far beyond simple IT outages. Aditya Sood, Vice President of Security Engineering and AI Strategy at Aryaka, said, "The broader implications of ransomware attacks on critical healthcare organisations... extend far beyond IT disruptions—they pose serious risks to patient safety, public health, and national resilience." Sood also noted the critical need for healthcare entities to adopt a proactive security stance, including implementing Zero Trust architecture, strict network segmentation, and regular offline backups.

Debbie Gordon, CEO and Founder of Cloud Range, emphasised the importance of comprehensive training in preparing for such crises. "We keep seeing healthcare systems pushed to the brink—not by medical emergencies, but by cyberattacks that disable basic operations," Gordon stated. "Responding to ransomware is not only about technology; it's about people knowing what to do when systems go down. Clinical staff, IT teams, and executives all need to rehearse how to operate effectively under pressure."

According to Gunter Ollmann, Chief Technology Officer for Cobalt, the motives behind targeting healthcare organisations are clear. "The healthcare sector continues to be disproportionately targeted by ransomware groups because it presents a high-pressure environment where disruption can immediately impact patient lives. This urgency increases the likelihood of ransom payment, making hospitals prime targets for attackers looking for quick returns." He warned that these incidents could foreshadow more severe threats in the future, should current vulnerabilities persist.

Joshua Roback, Principal Security Solution Architect at Swimlane, described the Kettering Health attack as "another demonstration of the fragility of healthcare infrastructure in the face of digital threats." Roback urged for systemic changes, stating, "Cybersecurity in healthcare can't remain a siloed IT issue. It must be embedded into the core of the patient care strategy, with resilience, not recovery, as the standard."

As investigations continue, Kettering Health works with cybersecurity experts and law enforcement to contain the damage and restore operations. The attack has reignited calls within the healthcare and security sectors for increased investment in modernising medical IT infrastructure, developing resilience-based security strategies, and fostering a cybersecurity awareness culture across all healthcare organisations.

In the meantime, the breach has left patients and staff coping with the reality that, in the digital age, threats to health and safety can just as easily come from computers as from clinical emergencies. The case of Kettering Health stands as a stark reminder that bolstering digital defences is integral to protecting lives and maintaining trust in healthcare delivery.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Cyberattacks surge amid India-Pakistan clashes after strikes
Emojis used to hide attacks & bypass major AI guardrails
Forrester warns of deepfakes & AI extortion in 2025 threats
Anetac launches Human Link Pro to combat access risk with AI
Bugcrowd unveils red team service for cyber defence
Top stories
Plainsight unveils OpenFilter to simplify vision AI pipelines
Report finds low ECH use but risks from malicious actors grow
Fintech sector faces mounting third-party security breach risks
IP Fabric unveils upgrade to boost firewall visibility & compliance
In the AI gold rush, data centre infrastructure vendors are selling shovels