Kettering (Ohio) Health was targeted in a ransomware attack May 20, which the health system believes was carried out by the cybercriminal group Interlock.
In a June 5 news release shared with Becker’s, the health system said the incident prompted an immediate response aimed at protecting systems and preserving data integrity.
Here are four things to know:
- Kettering Health reported that all tools and persistence mechanisms used by the attackers were removed, and the affected systems have since been secured.
- The health system worked with internal teams and external cybersecurity partners to conduct a full system review. As part of that process, Kettering Health implemented enhanced security protocols, including network segmentation, updated access controls and expanded monitoring capabilities.
- A thorough vulnerability assessment was also completed, with all necessary patches and updates applied, according to the health system.
- Kettering Health said it is confident its current cybersecurity framework and employee training are sufficient to mitigate future risks. The health system also reported that network-connected devices and partner connections remain secure.
