Maryland health workers, lawmakers want answers as problems persist a month after cyberattack
State health workers still often can’t use computers, access shared drives and get to important data a month after a cyberattack crippled Maryland’s health department, the head of a union representing agency employees said Friday. They’ve received little information about what’s going on and are preparing for the possibility that their systems could remain impaired for some time.
“They have very limited resources in terms of computers, et cetera, so people are having to share computers at work,” said Patrick Moran, president of AFSCME Maryland Council 3. “Some people aren't able to access anything just because there's just not enough equipment.”
The disruptions are affecting not only pandemic response, but also routine matters such as caring for people in state mental hospitals, licensing health-care workers and providing Medicaid benefits to some recipients. Moran said employees have felt frustrated trying to do their jobs under such conditions, during a health crisis, with little information about what has happened or what caused it.
“No one has received communication as to when things will be restored, and people are preparing to operate this way for several months,” Moran said. “None of our members have been told anything.”
State lawmakers hope to gain a better understanding of what happened and how officials handled it during a hearing Thursday, after weeks of incomplete explanations from the administration of Gov. Larry Hogan (R). Legislative leaders have acknowledged that sensitive details may need to be handled in a closed session.
Asked about frustrations over a lack of public information about the attack, Hogan spokesman Mike Ricci reiterated a statement from the state’s chief information security officer, Chip Stewart, last month that because of a criminal investigation, officials are limited in sharing details.
Ricci said by email that the FBI is involved, but “there is no evidence the attack is ongoing.” He said officials briefed on the situation include the state comptroller, attorney general, treasurer and legislative leaders.
“All of the briefings were cordial, and no one followed up to say their questions weren’t answered,” Ricci said.
Audit criticizes Maryland’s emergency coronavirus spending
Stewart, during a briefing last month with reporters, said the health department’s network team noticed “unusual behavior” during the early morning of Dec. 4. A server was not working properly, and they initially assumed it was a malfunction or hardware failure. Later that morning, something — he didn’t say what — led them to suspect a cyberattack.
State information security workers began trying to contain any damage, isolating sites on the network from one another and from the Internet. Stewart said an ongoing forensic investigation has not turned up evidence of unauthorized access to data.
Since the attack, security workers have restored various systems. Several days afterward, the state resumed reporting coronavirus vaccination and hospitalization data. In mid-December, the state restored a system that enables payments to Medicaid providers. Soon after that, the state resumed reporting coronavirus cases and other widely tracked data. Late last month, the state began reporting covid deaths again.
Still, many systems remained unusable this week. A sign on the door at the Maryland Board of Nursing warned that because of the security breach, staffers were “unable to complete any transactions or access any data or databases.” The issue has severely hampered its ability to issue nursing licenses at a time when the state is facing a nursing shortage as hospitals struggle against the omicron variant. In an update released late Friday, the health department said the nursing board had “resumed online licensure and license lookups via their website.”
Moran, the union leader, said the issue has similarly disrupted the dispersion of Medicaid benefits and care at state mental hospitals.
“The admission and the discharge process has been very difficult without access to the computers, because that contains patient information, clinical notes,” he said. “They can't use the scanner to send things out because the computer's screwed up.”
He said state hospital patients can’t access some Medicaid funds. During the holidays, they often use money in their accounts to send a gift to a family member or get something as simple as a haircut. Because of the attack, many couldn’t do that, Moran said. “The social workers are working to help alleviate that, but they can’t see who’s got what,” he said.
Md. Gov. Larry Hogan’s messages to state employees self-destruct in 24 hours
Del. Shane E. Pendergrass (D-Howard), chair of the House Health and Government Operations Committee, said she shares the frustrations of many health department workers. “We really don’t know what’s going on at all,” she said. Her committee hopes to gather more information from state officials at the hearing next week.
Sen. Paul G. Pinsky (D-Prince George’s), who chairs the Education, Health and Environmental Affairs Committee, said that despite a private briefing with legislative leaders last month, state officials have yet to clarify why they couldn’t find some workaround to keep providing covid-19 mortality data as cases of the omicron variant were on the rise.
He and other legislators, while saying they understand the need to protect an investigation, also said Hogan, who holds national political ambitions, is not always forthcoming when knotty issues arise, such as problems with 500,000 coronavirus tests the state bought from South Korea.
“When he can control the news release, and deliver the good news, he can be all over the Sunday talk shows being loved as the anti-Trump,” Pinsky said, referring to Hogan’s willingness to criticize the former president. “But when there’s a problem, he’s nowhere to be found.”
“They have very limited resources in terms of computers, et cetera, so people are having to share computers at work,” said Patrick Moran, president of AFSCME Maryland Council 3. “Some people aren't able to access anything just because there's just not enough equipment.”
The disruptions are affecting not only pandemic response, but also routine matters such as caring for people in state mental hospitals, licensing health-care workers and providing Medicaid benefits to some recipients. Moran said employees have felt frustrated trying to do their jobs under such conditions, during a health crisis, with little information about what has happened or what caused it.
“No one has received communication as to when things will be restored, and people are preparing to operate this way for several months,” Moran said. “None of our members have been told anything.”
State lawmakers hope to gain a better understanding of what happened and how officials handled it during a hearing Thursday, after weeks of incomplete explanations from the administration of Gov. Larry Hogan (R). Legislative leaders have acknowledged that sensitive details may need to be handled in a closed session.
Asked about frustrations over a lack of public information about the attack, Hogan spokesman Mike Ricci reiterated a statement from the state’s chief information security officer, Chip Stewart, last month that because of a criminal investigation, officials are limited in sharing details.
Ricci said by email that the FBI is involved, but “there is no evidence the attack is ongoing.” He said officials briefed on the situation include the state comptroller, attorney general, treasurer and legislative leaders.
“All of the briefings were cordial, and no one followed up to say their questions weren’t answered,” Ricci said.
Audit criticizes Maryland’s emergency coronavirus spending
Stewart, during a briefing last month with reporters, said the health department’s network team noticed “unusual behavior” during the early morning of Dec. 4. A server was not working properly, and they initially assumed it was a malfunction or hardware failure. Later that morning, something — he didn’t say what — led them to suspect a cyberattack.
State information security workers began trying to contain any damage, isolating sites on the network from one another and from the Internet. Stewart said an ongoing forensic investigation has not turned up evidence of unauthorized access to data.
Since the attack, security workers have restored various systems. Several days afterward, the state resumed reporting coronavirus vaccination and hospitalization data. In mid-December, the state restored a system that enables payments to Medicaid providers. Soon after that, the state resumed reporting coronavirus cases and other widely tracked data. Late last month, the state began reporting covid deaths again.
Still, many systems remained unusable this week. A sign on the door at the Maryland Board of Nursing warned that because of the security breach, staffers were “unable to complete any transactions or access any data or databases.” The issue has severely hampered its ability to issue nursing licenses at a time when the state is facing a nursing shortage as hospitals struggle against the omicron variant. In an update released late Friday, the health department said the nursing board had “resumed online licensure and license lookups via their website.”
Moran, the union leader, said the issue has similarly disrupted the dispersion of Medicaid benefits and care at state mental hospitals.
“The admission and the discharge process has been very difficult without access to the computers, because that contains patient information, clinical notes,” he said. “They can't use the scanner to send things out because the computer's screwed up.”
He said state hospital patients can’t access some Medicaid funds. During the holidays, they often use money in their accounts to send a gift to a family member or get something as simple as a haircut. Because of the attack, many couldn’t do that, Moran said. “The social workers are working to help alleviate that, but they can’t see who’s got what,” he said.
Md. Gov. Larry Hogan’s messages to state employees self-destruct in 24 hours
Del. Shane E. Pendergrass (D-Howard), chair of the House Health and Government Operations Committee, said she shares the frustrations of many health department workers. “We really don’t know what’s going on at all,” she said. Her committee hopes to gather more information from state officials at the hearing next week.
Sen. Paul G. Pinsky (D-Prince George’s), who chairs the Education, Health and Environmental Affairs Committee, said that despite a private briefing with legislative leaders last month, state officials have yet to clarify why they couldn’t find some workaround to keep providing covid-19 mortality data as cases of the omicron variant were on the rise.
He and other legislators, while saying they understand the need to protect an investigation, also said Hogan, who holds national political ambitions, is not always forthcoming when knotty issues arise, such as problems with 500,000 coronavirus tests the state bought from South Korea.
“When he can control the news release, and deliver the good news, he can be all over the Sunday talk shows being loved as the anti-Trump,” Pinsky said, referring to Hogan’s willingness to criticize the former president. “But when there’s a problem, he’s nowhere to be found.”
