Australian Hospitals Hit By Ransomware Attack – Industry Reaction

As reported by the Australian Associated Press, hospitals in the Australian state of Victoria were hit with a suspected ransomware attack on Monday afternoon. The government said that while patient data was not accessed, patient record, booking and management systems were forced offline while investigation into the incident takes place.

This comes just months after an audit of Victoria’s public health system found that “all the audited health services are vulnerable to [cyber] attacks that could steal or alter patient data.

Experts Comments

October 01, 2019
Cesar Cerrudo
CTO
IOActive
Cybercriminals always try to get maximum profit doing the least effort; that’s why targeting regional hospital technology is a good business opportunity for them, as the private sector is becoming more secure and difficult to hack, while most healthcare systems are easier. There is a lack of cybersecurity knowledge and skilled resources in most healthcare organisations around the world, all the while technology adoption and dependence keep increasing; this makes for a dangerous cocktail. We.....Read More
Cybercriminals always try to get maximum profit doing the least effort; that’s why targeting regional hospital technology is a good business opportunity for them, as the private sector is becoming more secure and difficult to hack, while most healthcare systems are easier. There is a lack of cybersecurity knowledge and skilled resources in most healthcare organisations around the world, all the while technology adoption and dependence keep increasing; this makes for a dangerous cocktail. We can see in this instance that the hospital claimed there might be some disruption to outpatient appointments and non-urgent care (i.e. elective surgery), but no patient data has been exposed, but this could have easily not been the case and attacks such as these could end up putting human lives at risk. It’s imperative that governments around the world start taking some action before cyber-attacks consequences turn really bad.  Read Less
October 01, 2019
Chris Miller
Regional Director UK & Ireland
RSA Security
Sadly, attacks on healthcare organisations are becoming increasingly common, so it’s imperative that organisations take the necessary steps to manage digital risk very carefully. As more and more elements of healthcare go online, such as the widespread use of electronic patient records and internet-connected medical devices, hospitals are becoming an increasingly attractive target for ransomware attacks that seek to disrupt operations. Security and IT teams must not work in isolation,.....Read More
Sadly, attacks on healthcare organisations are becoming increasingly common, so it’s imperative that organisations take the necessary steps to manage digital risk very carefully. As more and more elements of healthcare go online, such as the widespread use of electronic patient records and internet-connected medical devices, hospitals are becoming an increasingly attractive target for ransomware attacks that seek to disrupt operations. Security and IT teams must not work in isolation, particularly in healthcare where the consequences can be extreme and even put lives at risk – just look at the WannaCry ransomware attack, which reportedly cost the NHS £92m and resulted in 19,000 appointments being canceled. In order to manage digital risk effectively, healthcare organisations need to ensure that everyone in the organisation understands what digital risks they face, how these can best be mitigated, and what the consequences are of not doing so. Then it is important to deal with these risks as much as possible. If you are not even doing the basics, then you could fall victim to a hacker who is simply rattling doorknobs to see which one is unlocked.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.