How ransomware attacks are threatening hospital systems
Ransomware attacks have struck hospitals in New Zealand, disrupting their IT systems, highlighting the importance of confidentiality in healthcare
Words by Dr. Ryan Grech and Dr. Dylan Attard, Clinical & Health Tech Advisors for MedTech World and two of the co-founders of Digital Health Malta.
We won’t pretend that we’re cybersecurity experts, because we are not, but the ransomware attacks at hospitals in New Zealand can happen to any institution anywhere in the world. The reason we are writing about it is not to point fingers or bask in the situation; rather, it is to highlight the constant need for enterprises to upgrade their digital security systems and to support their employees in understanding the latest ways that hackers can infiltrate and cause havoc. Keep in mind that whilst cybersecurity specialists need to be right 100% of the time, hackers only have to get it right once.
So what is happening in New Zealand at the moment? Five hospitals within the district of Waikato have been subjected to a ransomware attack that has disrupted their IT systems and possibly has also resulted in confidential patient information being accessed. In an age where hospitals are reliant to some degree or other on IT systems, this can wreak havoc in a matter of minutes. Patients are being asked to arrive with paper documents and hospitals are advising them to “seek alternative avenues of treatment unless they are critically unwell.” There is no word on whether a ransom was demanded.
At the moment the most common cybersecurity threat experienced by healthcare systems is ransomware, the threat currently being experienced by these New Zealand hospitals. Hackers typically infiltrate the IT infrastructure through the download of a spam email attachment. Once the ransomware is in, hackers can gain access to most things on the network and typically block IT administrators from accessing the data. They typically manipulate the data further and encrypt it, holding the data “hostage” until a demanded ransom (usually in cryptocurrency) is paid.
This is not a new thing. One of the high-profile attacks happened back in 2017, with the WannaCry attacks involving at least 40 NHS institutions. Just as in New Zealand, the attack led to the cancellation of operations and clinical appointments and the loss of internet connection in hospitals, and for the sake of safety patients were diverted from emergency departments. Such attacks can have long-term consequences. A ransomware attack on Rangely District Hospital, a nonprofit critical access hospital, left 5 years of patient records inaccessible.
Whilst you can have the most sophisticated antivirus and anti-ransomware software in the world, the security system is still only as strong as its weakest link, which sometimes tends to be employees. So what can you do as a healthcare employee to help your hospital’s cybersecurity team decrease the risk of hacking in your institution?
- Be aware – they don’t make you sit through mandatory training for nothing. Knowing what can potentially lead to a breach in the network such as an email from an unknown sender (spam) especially with an attachment or knowing how to detect other phishing attempts is extremely important. Training should be mandatory for all levels of staff in a hospital.
- Be aware of social hacking. Rather than exploiting technical vulnerabilities, which can be extremely hard, hackers implant themselves in the institution and exploit vulnerabilities in human psychology to bypass the tech. Famous hacker Kevin Mitnick terms humans as “the weakest link in any security system.” For example, Kevin, posing as a new employee, managed to persuade a help desk colleague to provide an access token for the DoJ intranet. You can read more about social engineering here. It’s therefore extremely important to know who you work with every day, including people that are in top management. As a result, the likelihood of getting duped is much less.
- Perhaps following up on the second point – always know who to speak to if you see any suspicious activity. Be it weird emails or a strange person, know who you can contact immediately to get a security threat checked out.
Just like we started this article, we are going to end it. We are not security experts, but we feel that awareness at all levels is important to make sure that we are prepared for the worst. It’s not only about having the latest tech but also about ensuring that employees are educated and trained. In addition, contingencies and failsafe mechanisms need to be put in place and reviewed every so often. In a healthcare world that is moving to total digitisation of health, we need to be prepared for the worst and make sure that when a cyberthreat happens we can come out on top. A tragic ransomware attack happened in September 2020 at the Duesseldorf University Hospital in Germany, where a woman was redirected to another healthcare facility around 20 miles away. This resulted in a delay in treatment with subsequent death.