Hospitals are increasingly finding themselves the target of cyber-attacks, affecting service and causing unease over sensitive data being stolen among both hospitals and patients. There are several pathways hackers use to access hospital computer systems.
Last week, the Saint-Pierre Hospital in Brussels was the victim of a cyber-attack. With computer operations blocked and servers slow, the attack caused a widespread outage throughout the hospital which led to major delays in operations and an emergency room being shut down for a few hours.
The attack led to panic across all public hospitals in Brussels and the whole computer network was disconnected to stop the computer virus from spreading.
This was not an isolated case. Last November the CHC Montlégia in Liège was also the victim of a cyberattack. Nearly four months later, its computer system is still offline. It appears that hospitals are prime targets for hackers – but why?
A data gold mine
Hospitals are valuable repositories of personal (and sometimes very sensitive) data. Hackers have understood that hospitals are a great resource for last names, first names, addresses, account numbers, and medical histories. Another reason is that hospitals often have IT departments that are under-invested, according to Nicolas van Zeebroek, professor of digital economics at the ULB.
To access a hospital's computer system, hackers use several possible pathways.
"Either they will take advantage of a vulnerability in the computer system, or they use social engineering techniques, or a combination of both," Michele Rignanese of the Belgian Center for Cybersecurity (CCB), told RTBF. "Any vulnerability in the system is an easy access door for a hacker."
Vulnerable equipment and manipulation
"In hospitals, very often, the equipment next to the beds and all the telemetry are connected devices which are very often vulnerable," added van Zeebroek. "In a laboratory, you can also find devices that are not necessarily well secured."
The second pathway focuses on social engineering and psychological techniques used by hackers to manipulate and deceive their targets, such as phishing.
"The goal of the game for the hackers is to enter little by little, to make a small hole and to widen it until they have sufficient access to lock everything," van Zeebroek told RTBF.
- CHU Saint-Pierre hospital hit by cyber-attack on Friday
- Vivalia posts massive losses after cyber attacks
Once inside, the attacker uses several processes. According to Rignanese, the most popular is the use of double extortion ransomware. "It enters the system, encrypts data and blocks access," she said. "The hacker will then start corrupting the data and then threaten to spread the virus if they do not receive the ransom demanded."
However, the Cyber Centre recommends not paying a ransom, regardless of the perpetrator, as there is never a guarantee of recovering data and gives hackers an incentive to continue their activities.