“Cybercriminals could HACK hospital medical equipment to stop patients’ treatment or make them overdose, IT experts warn.”[1]
In 2017 a hospital in the UK was shut down by cyber criminals who demanded a ransom to release data in each hospital staff members account.
Nearly 20,000 appointments were cancelled after the health service failed to provide basic security against cyber attackers. The virus, which spread via email, locked staff out of their computers and demanded £230 ($289) to release the files on each employee account.
Five Accident and Emergency departments even had to divert ambulances away at the peak of the crisis.
Since this attack took place, the healthcare industry is still vulnerable to attacks due to insufficient defence in depth tactics to thwart cyber-attacks.
“Hacking across any industry can occur for financial gain, to gather information, as a form of protest or just ‘for the fun of it,” says Professor Alan Woodward, a computer security expert at the University of Surrey.
‘Chief Information Security Officers report cyber-attacks are on the rise in healthcare.’
According to a new study by Carbon Black, two-thirds of surveyed healthcare organisations said cyberattacks have become more sophisticated over the past year.
Nearly half (45 per cent) of surveyed healthcare organisations said they had encountered attacks over the past year where the primary motivation was the destruction of data.[2]
Destructive attacks, tailored to specific targets, cause system outages and destroy data in ways designed to paralyse an organisation’s operations and are often carried out by malicious nation-states.
Simple Steps
Installing good security software specifically designed to combat ransomware attacks mentioned above would help mitigate many of these types of attacks.
Ensuring computer operating systems and software are UpToDate with the latest patches can also help. If your system is using software that is no longer supported, then it’s time to upgrade.
Information Technology staff need the training to complement their skills to ensure they stay UpToDate with the latest types of attacks and how to defend against them. Empowering your team to protect the networks efficiently will help mitigate the risk that medical systems face.
More tips to come soon.
[1] https://www.dailymail.co.uk/health/article-7149385/Cybercriminals-hack-medical-devices-used-NHS-hospitals.html
[2] https://www.healthcareitnews.com/news/cisos-report-cyberattacks-rise-healthcare
Leave a Reply