The real motives behind the recent spate of hospital attacks

October 7, 2019

EXECUTIVE SUMMARY:

Last week, seven ransomware attacks crippled hospitals in Australia, and three attacks paralyzed hospitals in the state of Alabama.

In all ten cases, patients experienced disruptions to services. Hospitals temporarily stopped accepting all new emergencies, with the exception of persons in unstable conditions, and redistributed inpatients to other providers.

In Australia, institutions that continued to provide limited services functioned in manual mode, while in the US, doctors had to request for patients to bring in bottles of past medications, as pharmaceutical records were inaccessible.

According to Check Point security engineer Maya Levine, the motive behind a Ransomware attack is usually financial. “That’s it honestly,” Levine said. “Unless it’s spying for a nation, [money’s] the main, main motivation.”

Volumes of medical billing information represent an attractive target for hackers.

“The data can be sold for insurance-fraud purposes or it can be locked up and used to extort money from the affected health organization” says Jennifer Barr, healthcare analyst at Moody’s Corp.

In both AUS and the US, authorities assert that patient information has not been compromised.

IT professionals and patients alike are wondering what factors contributed to systemic disruption within the affected hospitals. Tremendous budget cuts within hospitals have been on the rise in recent years, but cutting IT spending is an egregious mistake.

Did these institutions underspend on IT infrastructure? Did they succumb to attacks on account of the version of Windows in use? Were patient services suspended for prolonged periods of time due to unstable long-term incident response plans? Was mismanagement of systems a factor? Poor implementation of other best practices? It’s unclear, but stakeholders, analysts, patients and the public are demanding answers.

CyberTalk is committed to delivering more details to you as soon as they’re released. For more information on this story, visit CBS News. For past CyberTalk coverage of the issue, click here.