We have discussed it time and again how ransomware operators have changed their targets in the last year or so. They are now more interested in targeting entities operating in the public domain, which also includes healthcare facilities.
The attack on Melbourne’s Cabrini Hospital’s cardiovascular facility has once again proved our assertion right. According to the reports coming in from Australia, the ransomware attack encrypted the patient record of more than 15,000 individuals. The most bit alarming of this attack is that the hospital administration couldn’t access the locked down data for nearly three weeks.
Such extended downtime for a healthcare organization is considered a high-degree system failure. It is also important to note that the locked down data belonged to a patient cohort that suffers from some life-threatening conditions.
Hospital Paid Ransom But Couldn’t Get All the Data Back
Downtime is the Achilles heel of healthcare entities. Cabrini Hospital suffered from extraordinary downtime and therefore resorted to paying the attackers to get ransomware removal solution. However, the decrypter sent by the attackers was not complete and couldn’t unlock some patient records.
The extended downtime and extortion payment also shows that the hospital couldn’t succeed in executing ransomware removal measures on its own. The news reports haven’t mentioned the cryptovirological vector used in the attack. Nor has the amount of ransom payment been made public.
The hospital administration maintains that the affected system was operated separately and not connected to the main server of the establishment. This means the attack remain confined to the system of the cardiovascular facility operated by Melbourne Heart Group. But that’s not the consolation anyone is looking for.
With the confidential data of more than 15,000 individuals compromised, it doesn’t matter now if the organization stopped the spread of the infection within its system. Confidential patient data stored with healthcare facilities have a great demand in the black market. The information available in such records can be easily exploited in instances of identity theft.
Australian Healthcare System Is at the Target of Cybercriminals
The ransomware attack on Cabrini Hospital is just the tip of the iceberg. The Australian healthcare landscape was badly suffering even before this attack. According to the Office of the Australian Information Commissioner, more than 50 healthcare cyber breaches were reported in the fourth quarter of the last year alone.
Healthcare Will Remain Vulnerable to Cryptovirological Attacks
Cryptovirological operators have found a soft target in the form of healthcare entities and they won’t let it go easily. The crucial nature of downtime brightens the prospect for criminals to rip off the affected entities in the name of providing ransomware removal decrypter.