Healthcare facilities are at higher risk from ransomware attacks due to the volume of private patient data. Learn about an attack on Victoria hospitals here.
The Victorian Government is investigating a sophisticated ransomware attack on several major regional hospitals forcing them offline. These hospitals are in the Gippsland Health Alliance, in the east, and South West Alliance of Rural Health, including hospitals in Warrnambool, Colac, Geelong, Warragul, Sale, and Bairnsdale, and services in smaller towns.
This cyberattack was discovered on Monday, Sept. 30, 2019 when it blocked access to the computer network with the use of ransomware including financial operations according to a government spokesperson. At the time they didn’t think that any patient information was accessed.
Premier Daniel Andrews stated that it was a criminal attack that had deliberately targeted the hospitals. Because of the attack, cybersecurity experts will be required to work several weeks to secure the network from further attacks. The Government was working in collaboration with the Victoria Police and Australian Cyber Security Centre in Canberra to secure the network. While a number of servers were impacted, and investigations were underway to determine the full extent of the cyberattack in hospitals across Victoria.
This cyber-attack isolated hospitals and disconnected a number of systems linked to the internet to quarantine the infection. The sophistication of the attacks was notable. According to David Cullen, an adviser to the Government on cyber issues, the attack bypassed the protections and controls in place to install the ransomware virus on the network. He didn’t think any private patient data was compromised, but a detailed forensic investigation was ongoing.
Due to the isolation of the computer networks, patient records, booking, and management systems were shut down, leaving hospitals to revert to manual systems to continue services. In order to minimise the impact on patients, the affected hospitals were working to update scheduling for bookings and other services until they could access patient information. Barwon Health was one of the services that were affected by the attack, compromising services to Geelong and the surrounding region. Barwon Health had to cancel some appointments and surgeries in order to focus on patients arriving at the University Hospital Emergency Department.
The West Gippsland Healthcare Group was also affected by the cyber incident but it hadn’t caused problems with clinical services at West Gippsland Hospital. They were on schedule without any cancellations to surgery, emergency, and other hospital inpatient and outpatient services. The cyberattack had affected shared IT systems between the hospitals in the Gippsland Health Alliance. But it didn’t affect local internal intranet communications.
Since the Victorian Cyber Incident Response Service was launched in July 2018, there have been over 600 cyber-attacks reported on Victorian Government organisations. Cybersecurity experts have warned that healthcare data is a target for hackers to steal. And that auditors were able to hack in and access sensitive patient data at three Victorian hospitals to demonstrate the security risk.