SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Shadow of ransomware looms over healthcare sector
Thu, 14th May 2020
FYI, this story is more than a year old

Many tech companies are mobilising around the world to assist the healthcare sector in its role as the first line of defence against COVID-19.

Some are using their 3D printing facilities to deliver PPE to hospitals; others are providing their remote working tools free of charge; some are using their technological endowment to help in the race for a vaccine.

Because of these acts, and because the worldwide pressure on healthcare systems demand it, hospitals are undergoing rapid digital transformation to better cope with the virus.

But as always, the closer organisations move to digitalisation, the higher their cybersecurity risk profile becomes.

And with the scale and complexity of cybercrime increasing, coupled with the move towards digital transformation and remote patient care, the number of cyberattacks on healthcare systems will continue to increase, says GlobalData, a data and analytics company.

“Since the emergence of electronic health records, hospitals have been labelled as an attractive target for cyberattacks due to the interconnectedness of hospital operations, multi-institutional data sharing, the lack of appropriate safety measures and outdated information technology infrastructure,” GlobalData senior director of market research Urte Jakimaviciute.

“Hackers will continue to target vulnerable systems as long as there are profits to be made: from selling the stolen patient's data to holding the healthcare systems hostage until the criminals' demands are met.

A typical example of a ransomware attack on a hospital can be found in the April 2017 cyberattack of New York's Erie County Medical Center (ECMC), which hijacked the facility's computer systems with hackers demanding nearly $30,000 worth of bitcoin as ransom, which the hospital refused to pay.

In the end, the ECMC estimated that US$10 million had been lost as a direct result of the attack.

Another attack in 2017 saw WannaCry launch a ransomware assault on the UK's National Health Service (NHS) hospitals, causing widespread disruption to health services, with more than one-third of NHS trusts affected.

With such a large number of facilities affected by the breach, the financial damage was huge - over US$100m was lost through disruption to services and IT upgrades.

“Any attack similar to the ones that caused disruptions in ECMC or NHS in 2017 now could be catastrophic,” says Jakimaviciute.

“The surge in COVID-19 cases has caught the healthcare systems unprepared, and an increase in working-from-home, telemedicine and virtual care has made the healthcare system very vulnerable to attacks.

A recent cyberattack on the University Hospital of Brno, which has one of the country's biggest COVID-19 testing labs, forced the facility to shut down its entire IT network.

The incident was considered severe enough to cause the delays in surgical procedures and require staff to relocate some critical patients to other hospitals.

“Hackers are able to quickly identify which hospitals are under a lot of pressure or do not have sustainable contingency plans to deal with such attacks, and they will take advantage of that,” says Jakimaviciute.

“Currently the healthcare organisations devote just a small fraction of their budgets to implement cybersecurity measures.

“Nevertheless, due to the COVID-19 outbreak the uninterrupted functioning of health services becomes more important than ever meaning that everything related to IT security cannot be neglected.