A recent ransomware attack in the UK has disrupted health services, with reports of surgeries being cancelled. The attack targeted King's College Hospital and Guy's & St Thomas' Hospital in central London. Representatives of the two hospitals confirmed that their partner, Synnovis, had suffered a major cyber incident.
This has had a serious impact on the provision of medical services, especially blood transfusions. Some medical examinations have been forced to be cancelled or transferred to other providers. According to the British media, this is a ransomware attack, patients have had to wait twice as long to get their medical test results.
The attack crippled Synnovis’s IT systems, causing major disruption to the delivery of pathology and healthcare services to thousands of patients. An analysis from Imperial College London has estimated the cost of the recent London cyber attack at nearly £6 million (€7 million).
Ransomware attacks are attacks in which malware blocks people from accessing data files, forcing victims to pay for access. Cyber experts say the trend is growing, especially in the healthcare sector.
“The healthcare sector is increasingly being targeted, as digitalization has unintentionally widened the attack surface and given rise to phishing and ransomware attacks,” said Laura Heuvinck, spokesperson for the EU Agency for Cyber Security (ENISA).
An ENISA report published last year found that ransomware attacks accounted for 54% of cyber incidents in the sector between January 2021 and March 2023, and that this type of attack was considered “the top threat in the healthcare sector.” However, the agency said that only 23% of healthcare organizations had a dedicated ransomware program in 2023.
The report, which covers part of the Covid-19 pandemic, said the healthcare sector was a prime target, with most ransomware attackers motivated by financial gain. Another report from the French Digital Health Agency in May confirmed “a continued presence of malicious incidents” in 2023, with 581 reports of cyberattacks in the healthcare sector, at least half of which were malicious.
Meanwhile, according to a report by software company Emsisoft, ransomware attacks targeting US hospitals increased sharply in 2023, affecting 46 US hospital systems, spread across 140 hospitals. At least 32 hospital systems had their protected health data stolen.
Hospitals can be at risk when they “talk to a lot of different vendors,” making their systems more “open,” said Alan Woodward, a computer security expert at the University of Surrey in the UK.
“The more connections there are, the wider the attack surface, and therefore the more opportunities for criminals to break in,” the expert said. Experts advise that it is important not to pay ransoms, with some even pushing for an international ban on such payments.
“The advice is always don't pay because: A - you just encourage the criminals and B - you can't get your data back,” Emsisoft threat analyst Brett Callow stressed.
LAM DIEN
Source: https://www.sggp.org.vn/mat-trai-cua-so-hoa-nganh-y-post744184.html
Comment (0)