Targeted online hospitals

Health systems are now highly vulnerable to computer attacks.

Cyber criminals are taking a liking to attacking health infrastructure. Their objective is in particular the theft of confidential data, the embezzlement of payment, or the ransom requirement.

At the beginning of the health crisis, some cyber criminals had promised not to attack health institutions. In this way they would not attack hospitals, and in the research laboratory these groups are distinguished in particular by the use of the ransomware Maze and DoppelPaymer. Unfortunately, a few months later the promise literally disappeared. The health system is once again at the heart of cybercriminal attacks. Especially those using ransom programs.

This article will also interest you: Smart Hospitals Face the Reality of Cybersecurity

Groups using Maze and DoppelPaymer are now suspected of having initiated attacks on hospitals across Europe. "Trusting cyber criminals has never been an option and it should now be clear to everyone, regardless of the ransomware at the heart of an attack. Hospitals are and will remain interesting targets, especially with the recent German legislation Krankenhauszukunftsgesetz on the digitisation of hospitals. " notes cyber evangelist Philippe Rondel of Check Point Software Technologies France.

In addition, ransomware is known to be one of the three biggest threats by targeting hospitals according to CheckPoint security specialists, in one of their recent studies of the most important attack methods and targets.

CheckPoint researchers concluded that 70% of hospitals in Germany were affected by an attack after exploiting a remote code execution vulnerability. About 70% of the cases, the data were not only exfiltrated but also published. In 58 percent of cases, authentication was circumvented by the cybercriminal when it was required. At the moment there are no detailed figures on ransomware attacks in large part. "Cryptocurring extractors, botnets and information thieves have been discovered in the networks. The case described at the beginning, as well as other examples from the past year, however, point out that malware is a tool that cybercriminals are willing to use against hospitals. Although this form of threat is constantly making headlines, other threats such as cryptocurrency extractors, botnets and others are much more common, as shown in the figures above. says Philippe Rondel.

In addition, according to a report by Slate, since 2016, nearly 1,000 health structures have been affected by cyber-ransomware attacks. The estimated losses as a result of these computer attacks are after US$150 million. In 2017, a dozen medical practices in Britain were affected by the famous Wannacry malware. And last year in 2019, several U.S. hospitals had to turn away patients because they could no longer meet certain needs because of a computer attack. At the beginning of the year, Czech hospitals were faced with this kind of problem.

"Ransomware attacks are becoming more sophisticated and sophisticated. Cyber criminals threaten to reveal sensitive information stored in encrypted systems, and ransomware is often associated with other threat techniques, such as in the case of the Hospital of Beneov, where Ryuk ransomware entered computer systems via the Emotet botnet. Similarly, the Phorpiex botnet, for example, broadcasts the Avaddon ransomware. notes Philippe Rondel.

Today, it is possible to find malware services available. Especially for ransomware software. This allows inexperienced attackers to be able to initiate on their own. In this way they pay part of their gain to the initiating pirates.

"The future in hospitals is clearly moving towards the increased use of networked devices via the Internet of Things (IoT). Intelligent and automated communications between different systems and devices will make it even easier for employees, doctors and nurses to monitor the physical well-being of patients and at-risk groups. At the same time, this digital communication also generates more data, i.e. potential prey for cyber criminals. checkPoint's specialist said.

Now access an unlimited number of passwords: