A new pandemic has already started: healthcare systems under attack

by Olivia Morelli - - 2021-06-22

Crypto-extortion and encryption-based malware become more prevalent and could cause a threat to life when healthcare providers get targeted

Malware attacks on healthcare create new risks Pandemic raises more concerns about IT security related to healthcare systems across the world

As societies across the globe try to come to terms with the new reality of living through the COVID-19 pandemic, which seems like a never-ending obstacle, it seems that the “new” pandemic has hit already fragile healthcare systems. It's a no-brainer that healthcare around the world faced certain difficulties due to the chaos of the current pandemic. However, menacing hacker attacks have put millions of personal and sensitive information at risk which could lead to severe damage and breach of personal data.^[1]

Recent threats known as ransomware attacks seem almost impossible to stop.^[2] Healthcare systems have been put into danger as many non-medical employees were named as not first importance, therefore many networks were left within less than usual security.

That led to a certain increase in the number of attacks and security breaches. This means danger to tons of very personal information including personal data, health history, the current state of health, it could even lead to death as it has happened in Germany, in 2020 when ransomware attack caused a delay of the computers, which possibly delayed the treatment of the patient who otherwise would have survived^[3].

In the most recent situation, Reproductive Biology Associates, LLC (RBA) has released a notice of data breach, stating that their servers and the ones of their affiliate, My Egg Bank North America, LLC (MBA), were affected by ransomware attack. As a result, cybercriminals managed to obtain the sensitive information of approximately 38,000 patients^[4].

A similar attack took place in Ireland as well when basically all of the healthcare systems were temporarily shut down. Hackers also have invaded the database private clinic in Lithuania and thousands of pictures of patients were stolen, some very sensitive, as people behind ransomware demanded the payment. Paying is never considered the best option, but many companies have paid and even got their money back thanks to authorities.^[5] However, the issue of attacks on the rise and main targets are not changing. The situation only gets worse.

Ransomware creators cause chaos and demand payments

For anyone with less than mediocre knowledge of computer science, it is beneficial to know that ransomware is a type of malicious software, or malware, that could prevent a person from accessing personal computer files, systems, or networks. While denying access people behind the attacks usually demand payment for the return of the stolen confidential files or records.

Such ransomware attacks could cause immense disruptions to day-to-day systems that are operating our lives, for example, the finance sector, traffic, energy supply, and of course, healthcare.

The dangerous thing is that technically anyone could unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware^[6]

When unsafe code reaches the computer, any access to the data would be locked with no way of reaching them. The thing is, that most of the time people or huge companies have no idea that computer has been put at risk. You only understand the danger of the situation when you see messages demanding ransom.

People risk their health while their personal information also might be under the attack

Nowadays, within EU Digital Covid Certificates expected to fully launch by July 1, 2021, more risks come to life. Millions of people across the continent would be put into prominent danger as not only medical records could be used for ransom but the fact that some people have or haven't chosen to get the shot in the first place could be manipulated.

However, while ransomware attacks spread through the world's health care systems, we see way less attention on the subject than it was paid to COVID-19 pandemic coverage even though this “new” pandemic could potentially cause just as severe damage and possibly lead to the collapse of the health systems around the world.

In order to avoid such disruptions and threats people and companies should be more aware of the potential danger that hides behind such attacks. Users who actively participate in the work with sensitive information systems should be even more cautious and aware that ransomware distributors evolve faster than ever.

FBI suggests that any system or software should be kept up to date. It is also imperative to make sure that the computer is protected with an anti-virus solution. It shouldn't even be a question that any important or sensitive files should be backed and secured and a continuity plan in case of emergency should be made.

About the author

Olivia Morelli - Ransomware analyst

Olivia Morelli is News Editor at 2-Spyware.com. She covers topics such as computer protection, latest malware trends, software vulnerabilities, data breaches, and more.

Contact Olivia Morelli
About the company Esolutions

References

^ Anuja Vaidya. Report: Healthcare data breaches spiked 55% in 2020. Medcitynews. Breaking news.
^ Ionut Ilascu. ADATA suffers 700 GB data leak in Ragnar Locker ransomware attack. Bleepingcomputer. IT and security news.
^ Melissa Eddy, Nicole Perlroth. Cyber Attack Suspected in German Woman’s Death. Nytimes. News from all over the world.
^ Gabriel E. Hall. Reproductive Biology Associates and MyEggBank hit by ransomware. 2-spyware. Virus removal guides and security news.
^ Amanda Macias, Christina WIlkie. POLITICS U.S. recovers $2.3 million in bitcoin paid in the Colonial Pipeline ransom. CNBC. News site.
^ Ransomware. FBI. Government agency.