Week 31 Cyberattack Digest 2018 – SingHealth, Hong Kong’s Department of Health, MGM Hospital and others
Today, as always, a new cyber attack week digest is coming. Still, this time we decided to go a little bit more specific and make a compilation of articles that covered attacks in Healthcare industry exclusively.
MGM Hospital attack is the first in the row
by Asian Age – 19 July 2018
Well, you are quite right that the attack on MGM Hospital took place two weeks ago, still it is true to say that it was the first one in the series of security incidents in Healthcare sector this summer. According to the police, Vashi’s trust-run MGM Hospital has experienced a ransomware attack. The scenario was quite typical for such types of incidents: a malefactor locked the records in the hospital’s computer system and demanded a ransom in bitcoins to unlock the data. Shashanker, administrator of the hospital, commented that “around Sunday night, there was a problem in our system. We thought the system had got hanged and we could not judge the severity.” The administration of the hospital decided not to pay the ransom.
A man disagreed with the hospital’s diagnosis
by Reuters – 2 August 2018
Another incident that we are going to cover today took place almost five years ago, however, Martin Gottesfeld, 32, appearing for sentence was convicted of performing a cyber attack on a Boston hospital’s network only last Wednesday. A teenager named Justina Pelletier was taken into a Massachusetts state custody as girl’s parents disputed with Boston Children’s Hospital over her diagnosis, which determined the health problems were psychiatric in nature. The case exploded national headlines attracting the attention of religious and political groups defining it as governmental interference with parental rights, and Gottesfeld was among the ones that disagreed with the hospital’s diagnosis. According to the prosecutors, in March 2014, the man launched a distributed denial of service attack on a residential Wayside Youth & Family Support Network where Pelletier was a resident during the discharge from the hospital. Later in April 2014, he launched a DDoS attack on behalf of Anonymous on the network of Boston Children’s Hospital. That time, not only the network was knocked off the internet, but several nearby hospitals were also affected. The attacker will be sentenced on Nov. 14. In a statement that had been posted to YouTube earlier, Gottesfeld said he planned to challenge the verdict.
Hong Kong’s Department of Health faces a ransomware incident
by The Straits Times – 4 August 2018
Hacking healthcare organizations does not always mean risks for personal information. Hong Kong’s Department of Health experienced a severe attack. Luckily, the scope of damage is not as tremendous as in the SingHealth case, still, this does not reduce the hype around the incident. A spokesman for the Department of Health confirmed that three of computers at the department’s Infection Control Branch, Clinical Genetic Service and Drug Office had experienced by ransomware attack. The incident presumably happened over a period of two weeks from July 15. According to the spokesman, “files stored on the computers were encrypted by ransomware and an e-mail address to contact for a decryption key was left behind but no ransom was demanded.” The first conclusions of the investigation that was launched by the police stated that affected computers hadn’t stored any critical personal data, so no confidential information was exposed.
by The Straits Times – 4 August 2018
Two weeks ago, the attack on Singapore’s government health database grabbed all the headlines, and the new details of the incident consequences are still coming. As you remember, previously it was stated that about 1.5 million patients had their personal data stolen and the Singapore Government characterized the incident as “the Republic’s worst cyber attack”. Last Friday, the Cyber Security Agency (CSA) asked eleven critical services sectors to review connections to untrusted external networks. Among the affected sectors, there are government, infocomm, energy, aviation, maritime, land transport, healthcare, banking and finance, water, security and emergency, and media. As the result, even the Government lifted the pause on Smart Nation projects. It was noted that in case the connection is needed, the better protection should be also ensured, for example, via using uni-directional data diodes or secured two-way informational gateways. Government systems are said to have implemented “significant measures”, such as removing “unnecessary external connections with unsecured networks”. So, while the attack is over, its consequences are still affecting cybersecurity state in the country now, and, presumably, in the way of strengthening.
“The increasing number of cyber attacks on healthcare organisations reflects the vulnerability of their infrastructure and the value of the data in their systems,” commented Mr Sanjay Aurora, Asia-Pacific managing director at cyber-security firm Darktrace. The Healthcare sector has always been a desirable target for attackers, and time shows that, sadly, it does not lose its attractiveness. Still, as usual, follow us on Twitter, Facebook, and LinkedIn.