Ransomware cyber-attack on Hillel Yaffe computer systems
In recent years, there has been a 30 percent increase in ransomware attacks. Clearly, it is a growing threat which cannot be ignored.
A cyber attack on the computer systems in the Hillel Yaffe Medical Center in Israel on October 13, 2021 is yet another example of this increasingly sophisticated and alarming trend. According to reports, attackers took over the system and locked filed and information which they are now demanding payment to release. There is also concern that confidential patient information may have been leaked on a large scale during the attack.
The attack is being dealt with by the Israeli Ministry of Health and the Israel National Cyber Directorate though events and negotiations are still ongoing, and the extent of the damage and potential long-term ramifications remain unclear.
In the meanwhile, urgent medical services at the hospital continued as usual, as the center switched to alternative systems. Logging admissions have been carried out by hand. As an additional indirect impact, there are reportedly heavy delays in treatment due to doctors having to physically walk between departments to review test results usually accessed via computer systems.
ASERO believes that even though this incident is still ongoing, there are a number of valuable takeaways and lessons to be learned which may mitigate similar attacks from taking place in the future.
We know that critical infrastructure, including the health sector, is often an attractive target for capable adversaries to carry out anonymous cyber attacks, though the motives may vary. In fact, data published by Check Point in 2021 revealed an average of 1,443 attacks or attempted attacks against the health sector per week in Israel alone.
Attacking a hospital is both particularly attractive and dangerous due to concern for patient wellbeing, leaking confidential patient information and potential access to hospital research data, as we saw in attempts to breach Covid-19 vaccine research.
In recent years, cyber attacks against hospitals throughout the world have had dire consequences. In September 2020, hackers exploited a computer software vulnerability to take over computer systems in a large hospital in Dusseldorf, Germany. As a result of the attack, hospital staff was denied entry to critical information forcing the evacuation of patients to nearby hospitals and postponements of planned surgeries. We learn from this that cyber attacks against hospitals can be difficult to recover from. Moreover, they can have significant and even lasting impacts on not only the hospital itself but on patient wellbeing. It is also evident that it is incredibly difficult to recover or retrieve data or information once it has been stolen.
Cyber defense should be a key component of any national defense strategy with critical infrastructure prioritized at both the national and sectoral levels. Firstly, when protecting critical infrastructure, it is necessary to map interdependent or supporting infrastructures so as to better understand the potential impact an attack against a ‘second tier’ system could have on critical operations and then to engage relevant operators in ensuring proper oversight and implementation of security measures against cyber threats.
In addition, critical infrastructures should invest in proper back up systems. In this case, reports indicate that hospital operations were unaffected by the attack. Finally, it is necessary to prepare and exercise emergency and contingency plans including the ability to work offline and to maintain and back up critical information.
Click here to apply to receive our full case study analysis, including insights and recommendations.