Cyber Risk
In recent years we have seen a significant increase in data breaches and cybersecurity incidents, with businesses and governments coming under ever-increasing threats from malicious threat actors, intent on finding new and inventive ways to exploit weaknesses. In this blog, we look back at the widely reported ransomware attack on Ireland’s HSE (Health Services system) in 2021 and explore how organisations can benefit from strategic investments in cyber risk and incident management software. Ransomware attacks have disrupted a wide range of organisations globally, with the healthcare sector most affected in 2022, followed by critical manufacturing and government facilities.
Cybersecurity incidents have been increasing year on year, reaching a peak in 2021, with 623.3 million attacks globally. The sudden shift in the way we work as a result of the global COVID pandemic, has meant that a significant portion of the workforce moved to decentralised systems, cloud computing, and remote devices. This caused major problems for cybersecurity professionals as they tried to secure a new remote workforce and protect data and information.
With October marking cybersecurity awareness month, we are looking back at one of the most significant cyber-attacks on a national healthcare system, the ransomware attack on Ireland’s HSE, that according to University College Dublin cybersecurity expert, Jan Carroll “made everyone take cybersecurity seriously”.
In May 2021, Ireland’s Safety Executive was forced to shut down its entire IT system following a crippling ransomware attack, focused on accessing data stored on its central servers. Staff scrambled to deal with the situation by reverting to a paper-based system. In some areas, the number of appointments dropped by almost 80% in the days after the attack. Cobalt strike beacon, a tool that gives remote access to hackers was found in the HSE’s IT systems. This enabled the threat actors to move within the computer and execute their malware. The hackers deployed a form of ransomware known as Conti, which NHS Digital defined as an advanced tool that affects all Microsoft Windows versions and uses a unique routine to identify and encrypt files rapidly.
Outside of the cyber-attack on Ireland’s HSE, other developments in the industry have led to heightened awareness of the vital nature of cybersecurity in healthcare. Becker’s Hospital Review estimates that data breaches cost the global health care industry approximately US$5.6 billion every year.
Rapid advances in medical devices, mobile technology, evolving government regulations, and transformation in the way care is delivered and consumed – have come together to create an environment of complexity and vulnerability in the healthcare sector. Healthcare organisations are especially susceptible to ransomware due to the critical nature of the care provided, and reliance on up-to-date confidential patient information. Without quick access to drug histories and surgery directives, patient care risks getting delayed or worse coming to a complete halt. This means these organisations are seen by cyber criminals as more likely to pay ransom demands in order to secure patient care and privacy.
A keynote speaker at Ireland’s 2021 Smart Health Summit, Digital Health Lead, Dr. Saira Ghafur, from the Institute of Global Health Innovation at the Imperial College London noted that over the previous 18 months cyber-attacks had become more and more serious, evolving from amateur hacking to state-sponsored sophisticated activities, with malicious attackers exploiting the disruption caused by attacks in the healthcare sector.
In 2017, the WannaCry ransomware attack that took down to the United Kingdom’s National Service was a huge wakeup call for healthcare organisations around world, highlighting the very urgent need to make proactive investments in cyber security in the industry.
Healthcare organisations are a particularly inviting target for financially motivated threat actors, given the broad attack surface that makes it easy for cyber criminals to find vulnerabilities and monetise their exploits.
“
