A major ransomware attack (data hijacking) has hit one of the largest hospital networks in North America and Europe. On Sunday (27), the digital systems of the more than 400 Universal Health Services units in the United States, United Kingdom and Puerto Rico were stopped by a plague that forced employees to resort to backup systems and paper cards, while attending and conducting exams was largely hampered.
The problems continue until the moment this report is written, with the company’s digital platform still off the air. In the meantime, some emergency services had to be redirected to other hospitals in the region, while delivery of exams had to be postponed and consultations with hundreds of patients canceled. The company spoke quickly about the matter, confirming the occurrence, but did not disclose a deadline for normalizing operations.
According to Check Point Software Technologies, which specializes in digital security, the attack was carried out with a variation of Ryuk, a ransomware known since 2018 and whose development has already been associated with the Russian government. While it is not possible to cite political reasons behind this weekend’s attacks, the researchers speak of an increase in the number of attacks with this plague since July 2020, with an average of 20 organizations being hit each week worldwide.
In some cases, the ransom requested by the hackers may exceed the $ 1 million mark, with the crooks always targeting high-value companies and corporations. The goal, as always, is databases and backup servers, whose systems are encrypted in exchange for a release value. It is not known how much was required from Universal Health Services or whether a payment was actually made by the institution in response to the incident.
Also according to the statement released by the company, there is no evidence of compromise or theft of data from doctors, nurses, patients and other employees of the affected hospitals. The company said only that it continues to work on the case, cited as an IT security incident, and that it has protocols for situations of this type, which have been implemented and remain active to ensure care and response to medical emergencies.
A similar case was reported last week, with the first death from a ransomware attack being registered in Germany after a hospital in the city of Düsseldorf was unable to provide emergency care. A woman in serious condition had to be taken to another unit, more than 30 kilometers away, and ended up dying due to the delay in the rescue.
Check Point cites employee education and awareness campaigns as one of the best practices to prevent attacks, as such malware usually enters the network through fraudulent e-mails and messages that try to deceive employees. In addition, experts indicate the need for continuous backups, in order to minimize data loss and interruptions in cases of infection, as another good way.
In addition, as always, the indication is to have security systems active and always updated, as well as the systems and platforms that work in the databases. Other technologies that prevent external access to servers, analyze malware and intelligence programs on digital threats are also indicated as routes to prevent attacks in this category. In addition, experts ask that companies never make payments to hackers, as a way of not making the activity profitable and also because there are no guarantees that the delivery of the money will result in the release of the infrastructure.
Units in the USA, the United Kingdom and Puerto Rico had computers locked by malware, which made it difficult to provide emergency care and to conduct examinations and consultations. Systems remain down while centers work with backups and paper sheets
Fonte: Universal Health Services, Check Point Software Technologies
Did you like this article?
Subscribe your email to Canaltech to receive daily updates with the latest news from the world of technology.