Are we prepared for an e-pandemic? That is what much of the healthcare sector has been asking itself recently, given the increase in cyber-attacks against it.
The digitisation of healthcare systems and the reliance on technology to run hospitals and healthcare facilities have made the healthcare sector an attractive target for cyber criminals.
In recent years, cyber-attacks on Spanish healthcare have increased, affecting hospitals and healthcare centres across the country.
In 2022 more than 500 institutions reported incidents, which, according to data from INCIBE, the National Institute of Cybersecurity, was an increase of 48% compared to 2021.
“89% of healthcare organisations have suffered an average of 43 attacks in the last year, almost one every week.”
Healthcare sector in the spotlight
Healthcare plays a vital role in the well-being of society, which also makes it a target of interest to cybercriminals.
Other reasons for hackers’ interest in this sector are the sensitivity of the data and the value of the information. Both aspects play a decisive role in today’s world. Data is a precious source of information that requires agile, efficient and secure management.
According to data from the European Union Agency for Cybersecurity (ENISA), especially since the arrival of the COVID-19 pandemic, there have been incidents ranging from economic losses to the total or partial cessation of the activity of the centres.
In this regard, a report highlights the vulnerabilities of connected treatment and diagnostic devices.
The study shows that the areas susceptible to attack are constantly expanding due to the increasing number of communication interfaces and connected medical devices used in healthcare, including treatment and diagnostic terminals.
In fact, medical devices are the most vulnerable to cyber-attack, despite their relevance to safeguarding lives and carrying out other healthcare treatments.
What techniques do cybercriminals use?
Attacks can have serious consequences for the security and privacy of patients, as well as for the continuity of medical services.
Cyber criminals use a variety of techniques to attack healthcare systems.
One of the most common is ransomware, a type of malware that encrypts system files and demands a financial ransom to unlock them.
Hospitals and healthcare facilities are particularly vulnerable targets for this type of attack, as they rely heavily on the data and information they handle.
Another attack method used by cybercriminals is phishing, a social engineering technique to trick users and obtain sensitive information such as passwords and system access data.
But that is not all.
Cybercriminals can also exploit vulnerabilities in computer systems to infiltrate networks and steal sensitive information.
Preventing cyber-attacks on hospitals: the importance of prevention
Cyber-attacks can have serious consequences for patient safety and the continuity of medical services. It is therefore essential to take preventive measures.
Here are some recommendations to improve the security of healthcare systems:
- Update IT systems with the latest security patches and software to avoid known vulnerabilities that can be exploited by cyber criminals.
- Implement robust security measures such as firewalls, intrusion detection systems and strong authentication systems. In addition, it is recommended to implement a continuous monitoring system to detect potential threats early.
- Train medical and administrative staff so that they have a basic understanding of cyber security and can identify or prevent potential cyber threats. Education and awareness are essential to prevent the spread of malware and to detect suspicious emails or phishing attempts.
- Make regular backups and store them in safe and secure locations. This way, if a cyber-attack occurs, information can be restored quickly and effectively.
- Implement contingency plans in the event of a cyber-attack. These documents should include detailed procedures for the recovery of systems and the protection of confidential information.
- Evaluate and improve security on a regular basis to ensure its effectiveness and to adapt to changes in cyber threats. Conducting security audits and risk assessments is a useful way to identify potential vulnerabilities and areas for improvement.
All these measures are relevant and necessary to avoid serious consequences that go beyond ransom demands (paying which should never be the way to resolve an attack). These consequences range from the legal effects of a leak of sensitive data to the effort of returning to normality and, of course, the health of patients.
How cyber-attacks affect the hospital power system
Beyond risking patient safety and privacy, cyber-attacks can have an impact on the power and energy infrastructure of healthcare facilities.
In some cases, cybercriminals attack hospitals’ power and energy control systems, putting patients’ lives at risk.
In addition, hackers can also disrupt the operation of critical medical equipment such as ventilators and cardiac monitors, leading to (very) serious consequences for patients.
Lack of access to electronic medical records can also delay diagnoses and treatments, putting patients’ lives at risk.
For all these reasons, it is essential to treat patient electrical safety as a top priority, relying on the advances of hospital engineering to ensure that work carried out over hospital data networks is not compromised by cyber criminals.
The Hospital Clínic, the latest major hospital affected
In Spain, during the first wave of the pandemic, the National Centre for Infrastructure Protection and Cybersecurity (CNPIC) was aware of three cyber-incidents in healthcare.
The Hospital Universitario Central de Asturias (HUCA) reported an attack on its laboratories that blocked computer systems for hours, and the Generalitat of Catalonia reported a cyber-attack on three hospitals and three primary care centres.
This issue has become particularly prominent in public opinion since the Hospital Clínic suffered a ransomware attack in early 2023 that forced it to cancel 150 non-urgent surgeries and between 2,000 and 3,000 outpatient appointments. The attack was similar to the one suffered more than a year ago by the Autonomous University of Barcelona.
This attack was perpetrated from outside Spain and forced the health centre to activate a contingency plan to deal with emergencies.
Another of the best-known events in Europe was that suffered by the University Hospital of Düsseldorf, in Germany, in September 2020.
The centre recorded the hijacking of 30 servers, which led to the closure of the emergency room and the death of a woman who could not be admitted. To date, she is considered the world’s first known death from ransomware.
Cases such as this German event show that cyber-attacks on healthcare have become a growing threat with serious consequences for the security and privacy of patients, as well as for the continuity of medical services.