The World Economic Forum conducted a study on healthcare cyber attacks in over 30 countries, and the result is concerning: it shows that the threat is real and rising, more so in the last two years as the Covid-19 pandemic pushed the healthcare industry and healthcare facilities front and center. The study went on to elaborate that the healthcare sector is a popular target for cyber criminals because the data can be sold on the dark web or held for ransom. But this ransomware can quickly escalate to killware, as the actions of these cyber criminals put the lives of innocent people at risk.
Cyber Attack on Healthcare on the Rise
Cyber attacks on healthcare have continued to plague the sector since the start of the COVID-19 pandemic, and a cyber attack on healthcare is more than an attack on computers. It is an attack on vulnerable people and the people who are involved in their care. The World Economic Forum study added that the CyberPeace Institute had analyzed data on over 235 cyber attacks (excluding data breaches) against the healthcare sector across 33 countries. While this is a mere fraction of the full scale of such attacks, it provides an important indicator of the rising negative trend and its implications for access to critical care.
Over 10 million records have been stolen, of every type, including social security numbers, patient medical records, financial data, HIV test results and private details of medical donors. On average, 155,000 records are breached during an attack on the sector, and the number can be far higher, with some incidents reporting the breach of over 3 million records.
Amid a spate of attacks on healthcare, ZDNet reported that the websites under Brazil’s Ministry of Health (MoH) suffered a major ransomware attack that resulted in the unavailability of COVID-19 vaccination data of millions of citizens.
Following the attack, which took place at around 1 AM on December 10, 2021, all of MoH’s websites, including ConecteSUS, which tracks the trajectory of citizens in the public healthcare system, became unavailable. This includes the COVID-19 digital vaccination certificate, which is available via the ConecteSUS app.
According to a message left by the Lapsus$ Group, which has claimed responsibility for the attack, some 50TB worth of data has been extracted from the MoH’s systems and subsequently deleted. “Contact us if you want the data returned”, the message said, alongside contact details for the authors of the attack.
Just before 7 AM the same day, the images with the message left by the hackers were removed, but the websites remained unavailable. Following the attack, Brazilian health minister Marcelo Queiroga said his department holds a backup of the data allegedly copied and erased from the national health service’s databases. The National Data Protection Authority (ANPD) said it is following up on the case.
ANPD said the Ministry of Health was notified to provide clarifications on the case, as determined by the country’s General Data Protection Regulations. It added that the Institutional Security Office and the Federal Police will be contacted to cooperate with the investigation and inspection of the attack.
One Too Many Attacks
The latest issue faced by the Ministry of Health occurs amid increasing pressure on the Brazilian government to demand COVID-19 vaccination certificates from international travelers coming to Brazil as a response to the rise of the Omicron variant.
The article also pointed out that this is not the first major security issue faced by Brazil’s Ministry of Health over the last few months. In November 2020, the personal and health information of more than 16 million Brazilian COVID-19 patients was leaked online after a hospital employee uploaded a spreadsheet with usernames, passwords, and access keys to sensitive government systems to GitHub.
Less than a week later, another major security incident emerged. The personal information of more than 243 million Brazilians, both living and deceased, was exposed online after web developers left the password for a crucial government database inside the source code of an official MoH website for at least six months.
Health is a fundamental human right, and it is essentially the government’s responsibility to protect the healthcare of its country and its people. People need access to reliable, safe healthcare, and they should be able to access it without worrying about their privacy, safety and security. It is hoped that these cyber attacks will serve as more than a wake-up call and spur every country to do more to prevent cyber attacks against healthcare, protect the victims of such attacks, and hold perpetrators to account.