Healthcare and cybersecurity – a challenge still unresolved

Cybercrime Csaba Krasznay todayJuly 11, 2024 39

Background
share close

Ransomware attacks continue to be a major concern for healthcare actors, as well as threats through supply chains.

As a member of the Microsoft Intelligent Security Association, White Hat IT Security always pays close attention to Microsoft’s cybersecurity communications. We found one of these announcements (https://news.microsoft.com/2024/06/10/microsoft-to-help-rural-hospitals-defend-against-rising-cybersecurity-attacks/) from June particularly interesting, stating that Microsoft has launched a new program to cyber-protect rural hospitals in the US, as ransomware attacks in the healthcare sector are expected to increase by nearly 130% by 2023. The program aims to provide free and discounted technology services, as well as free training and support to these institutions. Microsoft offers its security products at a non-profit price and discounts of up to 75%. The collaboration is in partnership with The White House, the American Hospital Association and the National Rural Health Association, and aims to increase hospitals’ cyber defence capabilities and protect patient data. The initiative is part of Microsoft’s broader objective to protect critical infrastructure from growing cyber threats.

Cybersecurity is an issue in European healthcare as well

Although the initiative focuses only on the US, this does not mean that there is no problem in Europe. Inquiries to White Hat IT Security confirm the US figures, as there has been a noticeable increase in the number of inquiries from the healthcare sector recently. There are two reasons for this. Firstly, the number of ransomware viruses in the healthcare environment has not decreased and has even increased compared to the COVID-19 period. Second, the NIS2 compliance imperative affects healthcare critical infrastructures as much as any other industry with perhaps better financial opportunities. Let’s take a look at the incidents and impacts we are currently seeing in this sector.

Cyber attack cases in Europe

Only a news overview covering the second quarter of 2024 shows what a ransomware attack will do to regional supply. For example, the Simone Veil Hospital in Cannes was hit by a cyber attack in April, which significantly affected its operations and forced its staff to revert to paper-based administration. (https://www.bleepingcomputer.com/news/security/chc-sv-hospital-in-france-postpones-procedures-after-cyberattack/) This hospital is a flagship healthcare institution in France, particularly in the Cannes region, and has a significant impact. One of the first decisions taken by the institution’s crisis management unit after the incident was to take the computers offline, leaving them accessible only by telephone. They have not released many details about the attack, but said that no ransom demands or data theft had been identified at this stage of the investigation. The hospital’s management said in a statement that “This hospital has never been the victim of this type of cyber attack before” and added that cyber exercises held in recent months had played a crucial role in containing the damage and mitigating the consequences of the incident.

In June, a ransomware virus attack hit London-based medical testing and diagnostics provider Synnovis, causing several major hospitals to declare a state of emergency and cancel non-urgent surgeries and pathology appointments. (https://arstechnica.com/security/2024/06/london-hospitals-declare-emergency-following-ransomware-attack) The attack caused the postponement of surgeries requiring blood transfusions, including transplants. The incident has also affected the operation of hospitals and primary care in South East London. The UK Department of Health and the National Cyber Security Centre investigated the incident and supported the organisations involved. Experts believe that a Russian cybercriminal gang may be behind the attack (https://www.bbc.com/news/articles/cxee7317kgmo).

Importance of incident management

The incidents could go on and on, but these two cases highlight two key points for cyber defence in the healthcare sector. One is cooperation with the sector authorities. In both cases, national cyber defence organisations played a key role in the management of the incident and the participation of hospitals in national cyber defence exercises. The other is the existence of internal incident management processes. Whether it is a direct attack or some kind of outage in the supply chain, without proper internal incident management, it is very difficult for external actors to do anything. That’s why White Hat’s IT Security Operation Center is available to any healthcare actor that wants to build its own incident management process, either out of perceived self-interest or NIS2 compliance. And if, following the US model, Microsoft makes its affordable security service available to smaller healthcare institutions in Europe, our company, as a Microsoft Verified Managed XDR Solution provider, will be there to ensure that the technology behind the processes is of the highest standard.

 

Written by: Csaba Krasznay

Rate it
Previous post

Similar posts