Cyberattack on major hospital in Spanish city of Barcelona has resulted in cancellation of thousands of appointments
A major hospital in Spain has become victim to a ransomware attack, which has impacted the health treatment of thousands of patients.
The Associated Press reported that the ransomware attack on Sunday on the Hospital Clinic de Barcelona, forced the cancellation of 150 non-urgent operations and up to 3,000 patient checkups, officials said Monday.
Unfortunately this cyberattack on one of Barcelona’ s main hospitals is not a new phenomenon, as ransomware attacks have unfortunately previously targetted hospitals, even during the height of the Covid-19 pandemic.
In September 2020 for example, a cyberattack on a major hospital in Duesseldorf, resulted in the death of a female patient.
The cyberattack caused a failure of IT systems at Duesseldorf University Clinic, and a woman who needed urgent admission died after she had to be taken to another city for treatment.
In the US alone, 764 healthcare providers were hit by ransomware in 2019, according to data compiled by Emsisoft.
Indeed in October 2019, three hospitals in the US state of Alabama were forced to temporarily close their doors to the admission of new patients because of a ransomware attack.
In May 2020, during the Coronavirus pandemic, Europe’s largest private hospital operator, Berlin-based Fresenius, suffered a ransomware attack that limited some of its operations.
Now the Associated Press reported that the ransomware attack on the Hospital Clinic de Barcelona, crippled its computer system and forced the cancellation of 150 non-urgent operations and up to 3,000 patient checkups, officials were quoted as saying Monday.
The attack shut down computers at the facility’s laboratories, emergency room and pharmacy at three main centres and several external clinics.
“We can’t make any prediction as to when the system will be back up to normal,” hospital director Antoni Castells was quoted as telling a news conference on Monday. He said the hospital’s contingency plan would allow them to function for several days, but he hoped the system would be fixed sooner.
A Catalonia regional government statement said the region’s Cybersecurity Agency was working to restore the system. The agency said Monday the attack was orchestrated from outside of Spain by a group called “Ransom House.”
Ransom House is a new extortion group and allegedly was founded in December 2021 and its members are said to have eastern European links.
Meanwhile regional government telecommunications secretary Segi Marcén told the Associated Press that hackers hadn’t made any ransom demand so far but that no money would be paid.
The hospital’s press department said that all written work was being done on paper and that the hospital was diverting new urgent cases to other hospitals in the city. Spanish state news agency EFE said the attack cut off access to patients records and communication between units.
Risk to life
Simon Chassar, CRO at cybersecurity specialist Claroty, noted that ransomware attacks like this often put people’s lives at risk, presenting a real moral problem for those dealing with the attack.
“Cyber criminals know that hitting patient services and business availability is the most effective way to gain a ransom payment,” said Chassar. “The healthcare industry is one of the few sectors where cyberattacks can fatally impact human life.”
“Attacks can put decision makers in a morally impossible situation in which they have no choice but to pay ransoms in order to get their services back up and running,” said Chassar.
“The connection of IT and OT devices and the convergence of the Internet of Medical Things (IoMT), creates a new range of cyber threats and attack vectors which threatens service up-time, and ultimately puts patients at risk,” Chassar added.
“Healthcare providers must build cyber resilience in order to protect service availability,” said Chassar. “Patching services should be implemented to fix urgent OT and IoMT vulnerabilities, as well as network segmentation with asset class network segmentation policies to limit the movement of malware and impact of a ransomware attack.”