The healthcare industry has always endured more than its fair share of cyber-attacks. Cybersecurity experts have been warning about how cyber-attacks can quickly become deadly in the healthcare sector. But the world had been lucky up until last month when a misdirected ransomware attack failed the IT systems of a major hospital in Dusseldorf, causing the death of an urgent care patient. Today, the threat seems more real than ever. Recent cyber-attacks in the healthcare landscape have resulted in life-threatening disruptions like patients being redirected to other, often far away, hospitals, medical procedures and surgeries being delayed, and doctors being unable to access patient history and medical records.
Here’s a list of the 4 most recent cyber attacks that have hit healthcare facilities this year, making it all the more important to focus on strengthening the cybersecurity posture of healthcare organizations.
1. Ransomware attack on a Dusseldorf Hospital
A ransomware attack presumably targeting the Heinrich Heine University impacted as many as 30 servers at an affiliated Duesseldorf hospital instead. The encrypted servers resulted in the failure of IT systems and brought critical healthcare services to a halt. Emergency patients had to be redirected to another hospital, resulting in the death of a critical patient who couldn’t get treatment in time. It seems to be the first death caused by a security breach. The investigation revealed that the cyber attack leveraged a vulnerability in a popular commercial add-on software. The IT systems of the Dusseldorf hospital had been disrupted for over a week, leaving doctors unable to access patient data. The perpetrators provided the decryption key after realizing that their misdirected attack could potentially endanger the lives of emergency patients, but the damage had already been done. German authorities have already opened a ‘negligent homicide’ case against the hackers.
2. Double Extortion Ransomware in a New Jersey Hospital
A single computer infected by a TrickBot trojan jeopardized the entire network of the University Hospital in New Jersey earlier this year. About 240 GB worth of data was compromised back then. The perpetrators launched a double extortion ransomware attack whereby the attackers not only encrypt the victim’s data, they also exfiltrate the data and threaten to leak it if their conditions are not met. In the case of UH, New Jersey data breach, the attackers leaked 48,000 documents last month. The documents had patients’ personal data, such as social security numbers, copies of driver’s license and hospital paperwork. The leaked data has been removed since then, but the threats lurking around the IT healthcare infrastructures are more sophisticated than ever.
3. Cyber Attack on U.H.S. Facilities
The most recent attack on the IT systems of Universal Health Services is probably the largest cyberattack in the healthcare department of the USA. About 400 healthcare facilities spread across the USA and the UK operate under the UHS. The attacks launched last week resulted in network outage at several facilities, but the actual impact is still unknown.
The attack forced UHS to suspend user access to its IT systems to prevent further proliferation. As a result, the staff had no option but to revert to paper and pen. The attack details seem to be in line with the Ryuk ransomware, launched by a Russian cybercrime group. It will be days or even weeks before IT operations resume in UHS hospitals. However, authorities claim that the emergency departments at the affected hospitals are still functional.
4. Impact of Blackbaud Breach on Inova Health System
A ransomware attack took over Blackbaud’s servers and compromised some of its data back in May. The company provides cloud computing services to several healthcare entities and numerous other organizations and nonprofits. Blackbaud’s client healthcare organizations are still learning about how their data has been impacted by the breach that occurred about five months ago. Earlier in September, Inova Health System informed individuals that the breach had potentially compromised personal information of over a million of its patients and donors. Inova Health System had been leveraging Blackbaud’s services for its extensive network of hospitals, assisted living and primary care facilities. To date, six other healthcare organizations have also reported being affected by the Blackbaud breach. Although the vulnerability was closed, and there was no evidence of misused data, this particular incident highlights how important it is for healthcare organizations to gain complete visibility over their internal networks as well as all third-party software and applications they utilize.
Preventing Cyber Attacks in Healthcare
The recent surge in potentially deadly cyber attacks on the healthcare IT infrastructure demands immediate attention. The attacks have inevitably become more sophisticated, undetectable and bespoke. But at the same time, artificial intelligence, automation and next generation authentication have enabled healthcare organizations to deal with such threats proactively. The latest cyber security strategies blend human and machine learning capabilities to put up a comprehensive defense mechanism against modern threat agents.
Healthcare organizations must always stay a step ahead of cyber criminals by adopting a holistic approach to protect their critical infrastructure. It is high time for them to designate positions for CISO (Chief Information Security Officer) and invest in end-to-end security and monitoring tools and providers.