Are organizations ready to take on the wave of cyberattacks targeting hospitals?
The health crisis has shown another face of cybersecurity.
Hospitals are constantly targeted by hackers, and unfortunately they can do nothing about these waves of cyberattacks, at least that's the impression we have. And the same is true of the authorities.
This article will also interest you: Hospitals much more vulnerable to cyberattacks because of the health crisis
In recent times, health institutions in the United States and Canada have been rocked by computer incidents based on ransomware attacks. It is a whole system that has been shaken and continues to be shaken because the attacks have not stopped.
The American and Canadian hospital system is held to be the most privileged by cybercrime in the use of this misadventure. And there are several reasons for this. "The ransomware is the AK-47 of cyber delinquency. This involves infecting a machine or a network of machines and encrypting hard drives. The ransomware makes your data totally indecipherable and will racketeer you to give you a key that will allow you to decipher your hard drive and finally have access to your information. It's really a classic. You don't even have to have technical skills to use that kind of thing. In the various problems that one can have in cyber security, this is really the thing that can affect everyone, from the accountant to the multinational. explains Fabrice Epelboin, a professor at Sciences Po and co-founder of Yogosha, a firm specializing in computer security and collaborative economics.
These computer programs have been proliferating for quite some time. However, the global health crisis has made these computer incidents initiated by hackers even more relevant.
As far as ransoms are concerned, their content varies according to cyber attackers and organizations that have been targeted. Fabrice Epelboin explains: "We're also going to have much smaller ransom demands. For example, for Wannacry in 2017, there was an attack on a lot of hard drives around the world, and that had paralyzed a number of hospitals. Basically, we have an unknown group, the Shadow Brokers, who stole a whole bunch of ELECTRONIC weapons from the NSA. Then they did a story telling and distributed it on the Internet. They built into a computer flaw that was in the Windows sharing system, and that allowed a "ransomware" to be sent. They infected a machine, as well as the entire network that was connected to that machine. And they attacked a considerable number of machines.They have paralyzed part of the English hospital system." Apart from these examples, there are some cases where hackers demanded the payment of ransoms amounting to several million euros, as was the case for the French construction group Bouygues construction.
When asked why hospitals are so targeted, experts agree that this is an area that is not effectively protected. And this is because from the beginning, the digitization of the hospital sectors did not take into account the aspect of cybersecurity. As a result, it becomes very difficult to deploy with the complications that might result, a good computer security system or a protection protocol. Couple this, it should be noted that hospitals unwittingly offer a lot of vector of computer attacks. This becomes easier for hackers who take advantage of it during cyber-malveillance campaigns. The problem could have been solved or easily managed if from the ground up, the right investments had been made on this important aspect. "The problem with protection is that it needs to be better foreseen upstream rather than after the fact. It's much cheaper and much simpler if you plan the security of the computer before a problem. Most of the time, all IT projects are managed from an economic point of view, but it is not something that can be seen. Generally, you don't make the investment in the first place. explains our specialist.
Now access an unlimited number of passwords: