Israel-Palestine-Jordan
Hospital has ‘no idea’ of scale of cyberattack havoc; recovery could take months
2021-10-15
[IsraelTimes] Day after major ransom attack identified at Hadera center, doctors report minimal progress on solving problem; experts unsurprised, predicting normality is at least 3 months away.

A day after falling victim to the biggest cyberattack in Israeli health history, Hillel Yaffe Medical Center still has no idea how much damage was caused and does not know when they will be able to return to normal operations, according to a bigwig.

Dr. Amnon Ben Moshe, administrative director of the Hadera institution, said that staff still have no access to the main systems used for viewing and updating hospital medical records, and for administration.

On Wednesday, the hospital was hit by a still-unresolved ransomware attack, forcing the hospital to shut down its technology network and causing delays in care.

"We’re in a similar situation to yesterday, when we identified the situation and saw the cyberattacks," he told The Times of Israel.

Questioned on the current situation he said: "We don’t know the extent of the damage." Regarding the timescale for getting back to normal, he said: "We have no idea. We just worked all night."

Cybersecurity experts say the process could be a very long one.

Ido Geffen, a vice president at CyberMDX, an Israeli startup that offers cybersecurity solutions for medical devices and clinical assets, told The Times of Israel that the full recovery of data could take months.

Einat Meyron, a cybersecurity consultant and cyber resilience expert, said: "There is a long road ahead to recovery. We’ve seen similar events in the US, Belgium, and Portugal for example where hospitals were attacked, and they needed about three to six months just to get to a point where they could start working [normally] again."

Channel 12 reported Thursday that the attackers left an email address on the servers that were attacked. An outside company acting on behalf of the hospital made contact with the hackers, who demanded a $10 million ransom.

The report noted that as a government hospital they were barred from paying ransoms.

At Hillel Yaffe, some non-urgent procedures have been cancelled, but most of the hospital’s work is continuing, using alternative IT systems, some of which have been installed especially.
Sounds like they’ve hardened themselves enough they needn’t pay, even if they were permitted to.
The ability of doctors to access nationally-held patient records which include their medical background (as opposed to internal hospital records) hasn’t been interrupted. This is because Hillel Yaffe recently introduced hand-held devices that provide this access.

Management praised staff for facing up to challenges well, in a statement on Thursday. "Along with the efforts of cyber and computing experts to rehabilitate the computer systems and investigate the incident, the medical work continues and our teams provide a very good response in the face of the existing challenges."

Cybersecurity experts say that the attack, while serious, could have been worse. "In this attack, we know it came from the internet, meaning an attacker gained access to a password and then was able to get into the network," said Geffen. "The good thing is, no medical devices or critical equipment were affected, as far as we know. In similar attacks in the US and Europe, critical devices that patients were connected to were indeed affected and that is a much worse situation."

He added: "Right now, the hospital is likely in the containment phase, making sure the attack doesn’t spread and trying to ensure all critical operations are still working. Then comes the investigation and recovery phase to determine what exactly happened and try to recover data."

This is a long process if the hospital is to be sure that no "backdoors," namely malware by which unauthorized users can get around security measures and regain access, are left in place.

"This can take months because it’s a careful operation to make sure the hackers didn’t leave any backdoors," Geffen said.

Posted by: trailing wife

#6  Some things just shouldn't be connected to the World-Wide Web.
Posted by: magpie   2021-10-15 17:45  

#5  Yep, big GE MRI scanners.
Rotating 2 hr outages every night to 'bare metal' format disks and reload XP + apps from pristine media.
Posted by: Skidmark   2021-10-15 09:54  

#4  WRT diagnostic equipment, some older stuff from several of the big makers is so hopelessly abandoned by their manufacturers support-wise that the only safe way to use them is a clean software load at startup every day and a local backup of acquired data every night.
Posted by: M. Murcek   2021-10-15 09:33  

#3  Some years back, the VA had a three-day outage caused by a botched data center re-alignment. The hospitals went to paper. In three days they had a warehouse full of docs to enter into the system.
Posted by: M. Murcek   2021-10-15 09:31  

#2  HINT: Never expect IT Security if auto-update and device health checks are self-reported to technology vendors. Most lab equipment, Xray, CAT, MRI, PET scanners, and even Johnson Controls HVAC systems, call home with performance data.
Posted by: Skidmark   2021-10-15 07:23  

#1  HINT: Never expect IT Security if WiFi is in use.
Posted by: NN2N1   2021-10-15 04:57  
