Citing a computer virus outbreak, a hospital system in the United Kingdom has canceled all planned operations and diverted major trauma cases to neighboring facilities. The incident came as U.K. leaders detailed a national cyber security strategy that promises billions in cybersecurity spending, new special police units to pursue organized online gangs, and the possibility of retaliation for major attacks.
In a “major incident” alert posted to its Web site, the National Health Service’s Lincolnshire and Goole trust said it made the decision to cancel surgeries and divert trauma patients after a virus infected its electronic systems on Sunday, October 30.
“We have taken the decision, following expert advise, to shut down the majority of our systems so we can isolate and destroy it,” the NHS said, of the unspecified malware infection. “All planned operations, outpatient appointments and diagnostic procedures have been cancelled for Wednesday, Nov. 2 with a small number of exceptions.”
The advisory continued:
“Inpatients will continue to be cared for and discharged as soon as they are medically fit. Major trauma cases will continue to be diverted to neighboring hospitals as will high risk women in labour.”
Although the NHS didn’t say what kind of virus infected its systems, it is likely an infestation of ransomware — a malware scourge whose purveyors have taken to targeting hospitals and healthcare facilities.
Ransomware scours an infected computer for documents, audio files, pictures and other things likely to be of value to the system’s owner, and then encrypts that data with very powerful encryption software. Most ransomware variants also scour the local network for other systems or network shares to infect. Victims usually can only get their files back after paying a specified ransom demand using a virtual currency, such as Bitcoin.
Earlier this year, experts began noticing that cybercriminals were using ransomware to target hospitals — organizations that are heavily reliant on instant access to patient records. In March 2016, Henderson, Ky.-based Methodist Hospital shut down its computer systems after an infection from the Locky strain of ransomware. Just weeks before that attack, a California hospital that was similarly besieged with ransomware paid a $17,000 ransom to get its files back.
According to a recent report by Intel Security, the healthcare sector is experiencing over 20 data loss incidents per day related to ransomware attacks. The company said it identified almost $100,000 in payments from hospital ransomware victims to specific bitcoin accounts so far in 2016.
As dependent as healthcare systems are on computers and information technology, the notion that a computer virus could result in bodily injury or death is no longer the stuff of Hollywood movie scripts. Unfortunately, the healthcare industry is for the most part still catching up in its ability to anticipate, prevent and respond to these types of cyber attacks.
As macabre as it may sound, perhaps people dying because of poor cybersecurity is exactly what it will take for more organizations to dedicate the necessary resources toward adequately defending the systems upon which they so heavily rely.
In 2010, I was interviewed by Team Cyrmu‘s Steve Santorelli as part of their ongoing Who and Why Show. Santorelli gave me a few minutes to answer the question, “What keeps you up at night?” My answer was basically that I worry what will happen to the Internet as we know it when people start to die in a measurable way because of computer and Internet security vulnerabilities and attacks. Here’s the entire interview if anyone cares to have a listen.
The crippling of NHS’s systems came as U.K. Chancellor Philip Hammond unveiled a national cybersecurity strategy, warning that hostile “foreign actors” were developing techniques that threaten the country’s electrical grid and airports, among other critical infrastructure.
“If we want Britain to be the best place in the world to be a tech business then it is also crucial that Britain is a safe place to do the digital business,” Hammond said Tuesday as he described the National Cyber Security Strategy in London. “Trust in the internet and the infrastructure on which it relies is fundamental to our economic future.”
What can businesses do to lessen the chances of having their critical infrastructure crippled by malware like ransomware? The FBI has the following tips:
Additional considerations for businesses include the following:
Further reading: SC Magazine UK’s take on the attack.
This entry was posted on Wednesday, November 2nd, 2016 at 10:26 am and is filed under Other. You can follow any comments to this entry through the RSS 2.0 feed. You can skip to the end and leave a comment. Pinging is currently not allowed.