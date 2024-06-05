Commentary from Semperis on three London hospitals in cyberattack

June 2024 by Daniel Lattimer, Vice President, Semperis

The latest cyberattacks on hospitals in London have again put patient’s lives at risk and reinforces that these criminals lack any moral fibres in their bodies. The attacks are calculated and intentional because hackers know hospitals are more likely to pay a ransom in the manner U.S. based Change Healthcare did after it was attacked recently. And kudos to the impacted hospitals for working extremely hard to provide some patients services during this attack.

Today, it’s imperative for hospitals to conduct day-to-day operations assuming breaches will occur. Overall, ransomware attacks cause disruptions and cast doubt, cut into profits and in some cases can be a matter of life and death. Preparing now for inevitable disruptions will dramatically improve hospitals operational resiliency and better prepare them to turn away adversaries, leading the threat actors to softer targets downstream.

Today, there’s no silver bullet that will solve the cybersecurity challenges facing hospitals. First, identify the critical services that are “single points of failure” for the business. If critical services go down, then the hospital won’t be able to operate and leaders will be forced to make tough decisions and likely divert the most critical patients to other facilities in the area. Have a plan for “what to do if.” And keep in mind that in nearly 90 percent of ransomware attacks, the hackers will likely compromise the organisation’s identity system, which stores the crown jewels of the business. In the case of hospitals, it is patient data and other forms of proprietary information. Active Directory environments are the most vulnerable entry points, making it imperative that hospitals have real time visibility to changes to elevated network accounts and groups.