Hospitals far more vulnerable to cyberattacks due to health crisis
If this is not the first thing that crosses the mind in this time of health crisis, it is the fact that hospitals are now the targets favoured by cyber criminals.
Cyber criminals looking for ways to make money increasingly targets health centers and other institutions with ransomware. These latter accounts for the fact that hospitals are overwhelmed by the ever-increasing number of patients every day, will not dare to refuse to pay the ransoms demanded. This is to avoid dramatic consequences that could affect the lives of patients. However, at the beginning of the health crisis, some cyber criminals had promised not to attack health facilities. One wonders what the state of this promise is today.
This article will also interest you: Canadian and American hospitals targeted by a wave of large-scale computer attacks
This situation is quite complicated. From the United States and Canada to Europe, almost every week hospitals and health centres are targeted and attacked.
Last week, the FBI, the U.S. Federal Police, issued a pretty strong alarm. In collaboration with the Department of Health and the Department of the Interior, the Federal Police officially declared an "imminent cybercriminal threat against U.S. hospitals and health service providers." In the aftermath, the U.S. authority urges health facilities to "take prompt and appropriate precautions to protect their computer networks."
For this problem of computer threats, the trend and much more on the side of ransomware. The malware that allows cyber criminals to encrypt access to their targets' information systems and data. Demanding in return the payment of a certain amount of money in exchange for the decryption keys.
In such cases, some targets agree to cooperate and pay the ransom demanded. But not everyone does. For example, the University of Vermont Hospital in the United States, recently stated that it was hit by a similar attack, it would work accordingly with the authorities to contain it. "A now confirmed cyberattack has affected some of our systems with varying impacts on patient care. means the center.
In recent weeks, nearly 400 hospitals have reportedly been victims of an illegal intrusion into their information systems. They are located in the United Kingdom and the United States based on data collected by Cybersecurity expert Daniel Dos Santos at Forescout. "Interrupting care means people are going to die," dos Santos says.
Unfortunately, health care facilities cannot afford to block the computer system for quite a long time. This means that it will have to be done in an analogous way, "which can cause major slowdowns," the Forescout specialist adds.
Unfortunately, the health sector's computer systems are particularly vulnerable. Indeed, it generally uses devices such as scanners that are considered to be the most sensitive point for the security of the network as a whole. The problem is that these tools typically use unsecured channels for data transmission. A boon for cyber criminals. The proof, Mr. dos Santos discovered in a recent report conducted during a study conducted by his company of caps belonging to nearly 3 million American patients. Data that is "unprotected and accessible to anyone who knows how to search."
In early October, Canadian authorities warned all institutions against attacks by the Ryuk ransomware. "Affecting multiple (public) entities, including municipalities, health and safety organizations in Canada and abroad." "The problem with extortion software is that it's getting worse. We desperately have to find a solution," says Brett Callow, a specialist at Emsisoft, a company specializing in computer security. He therefore advises a strict ban on the payment of ransoms. Because "these types of attacks exist because they are profitable. If the money tap was stopped, (they) would stop and hospitals would no longer be at risk," he notes.
Now access an unlimited number of passwords: