The first Geneva Convention gave medical workers a special status and declared hospitals neutral territory. Before long, it will probably be necessary to create an equivalent of such a document for the Internet, because companies in the medical industry suffer from cyber attacks no less than others. The biggest difference, however, is that in the case of companies cooperating with the public health service, it is people’s health that is at stake.
However, even if such a convention enters into force, it will not relieve medical companies of the need to provide adequate protection against cyber threats. Criminals quite often carry out attacks of “mass destruction”, and however much they might want to choose their victims, it is impossible.
Recent examples of such epidemics include WannaCry and ExPetr. Both were designed to encrypt data, and both affected many companies in the healthcare sector.
The first WannaCry attack was launched on May 12, 2017. In just a few days, the Trojan infected more than 200,000 computers, hitting organizations in the UK’s National Health Service (NHS) hardest. Clinics across England and Scotland suffered. Some of them disabled their e-mail to prevent the infection from entering local networks. Many clinics decided to send clients to other facilities if their case did not require urgent treatment.
The second epidemic – ExPetr – spread via the servers of Ukrainian tax filing software. Its targets were therefore companies filing their tax documents, including those from the healthcare sector. Not only companies from Ukraine suffered, but also a large Russian private medical company, INVITRO, which specializes in laboratory analyses – its computers were not working for about 5 days.
Both epidemics encrypted the data on computers, and in both cases it was impossible to decrypt it even after the companies paid the ransom. Most importantly, however, WannaCry and ExPetr would not have posed such a huge threat if the attacked organizations had followed a well-thought-out cybersecurity strategy.
Moreover, malware outbreaks are not the only threat. According to data published by the non-commercial organization Identity Theft Resource Center, in the first half of 2017, almost one in four incidents (24.8%) that resulted in data theft concerned organizations from the medical or health sector. These are obviously areas where the data consists of extremely confidential or sensitive information.
Kaspersky Lab pays particular attention to the safety of the healthcare system, having cooperated with large medical companies for many years. We know what to protect and – more importantly – how to protect it.