In a recent cyber attack, 100 hospitals in Romania fell victim to a ransomware attack. The attack targeted the Hipocrate platform, which manages the IT systems of numerous healthcare providers. The incident occurred on the night of February 11, resulting in the encryption of files and databases, rendering them inaccessible to the affected hospitals.
At first, it was reported that 21 hospitals had been directly impacted by the attack. However, an update from authorities revealed that the number rose to 25 hospitals the following morning. Additionally, 79 hospitals decided to take their systems offline as a precautionary measure while investigations were underway.
On February 13, the National Cybersecurity Directorate (DNSC) in Romania released an official update, stating that there was no evidence of data exfiltration thus far. However, it was later discovered that four other hospitals had also been affected. The DNSC confirmed that the attacker demanded a ransom of 3.5 BTC (equivalent to $100,000). However, the identity of the attacker remains unknown.
In response to the incident, the DNSC has advised against contacting the attackers or paying the ransom. They also recommended that hospitals using the impacted Hipocrate platform isolate the affected systems from the network and the internet. It is important to preserve evidence in memory to aid investigations. Once the affected systems have been cleaned up, hospitals should restore them using data backups. Additionally, it is crucial to update all applications and operating systems with the latest patches.
This attack on healthcare systems highlights the growing threat faced by the industry. Javvad Malik, lead security awareness advocate at KnowBe4, underscores the necessity of robust cybersecurity measures, regular system updates, and backups to mitigate such risks. Malik emphasizes the need for a coordinated response to cyber attacks, focusing not only on immediate technical measures but also on long-term strategies, such as building a strong security culture to enhance resilience against future incidents.
Tim Mackey, head of software supply chain risk at the Synopsys Software Integrity Group, highlights the high-value nature of healthcare providers as targets for cyber criminals. Breaches of data that include protected health information (PHI) provide attackers with information they can exploit to gain the trust of their victims. Infiltrating healthcare databases can have severe consequences, as attackers can tamper with patient information, potentially impacting patient care and posing challenges to rectify any harm caused.
This incident serves as a stark reminder of the critical role cybersecurity plays in patient care. It is not solely an IT issue but a fundamental aspect that underpins the healthcare industry. As cyber threats continue to evolve, it is imperative for healthcare organizations to prioritize the implementation of robust security measures, maintain up-to-date systems, and foster a culture of cybersecurity awareness. Only through these concerted efforts can the industry ensure the protection of patient data and maintain the highest standards of care.