sb-au logo
Story image

In the shadow of COVID-19, a cyber health crisis looms

01 Sep 2020

Article by Wontok chief operating officer Bruce Perry.

On Sunday, August 2, four days before the Australian federal government released its long-awaited 2020 Cyber Security strategy, an alert to warn of rising ransomware cases in the healthcare sector was issued.

Canberra’s Australian Cyber Security Centre (ACSC) raised concerns about the increasing number of ransomware cases targeting healthcare, including hospitals and aged care homes amid the pandemic.

Specifically, cyber-criminals were using the ‘Maze’ ransomware to encrypt or lock an organisation’s valuable information, then threaten to go public unless a ransom is paid.

“Recently there has been a significant increase in healthcare or COVID-19 themed malicious cyber-activity, including targeting of the aged care and healthcare sectors by financially motivated cyber-criminals using the ‘Maze’ ransomware,” the ACSC said in the statement.

“Cybercriminals view the aged care and healthcare sectors as lucrative targets for ransomware attacks. 

“This is because of the sensitive personal and medical information they hold, and how critical this information is to maintaining operations and patient care. 

“A significant ransomware attack against a hospital or aged care facility would have a major impact.” 

Such an attack could have devastating consequences, especially in aged care settings already reeling from the deadly effects of the pandemic.

The warning signs have been there for a while.

The national cybersecurity strategy flagged the health sector as having the most cybersecurity incidents from July 2019 to June 2020.

Specifically, in the six months to December 2019, Australia’s Notifiable Data Breaches scheme recorded 537 breaches, including malicious or criminal attacks, and cyber-incidents. The health sector was the highest, with 22% of all breaches. 

Human error caused 43% of data breaches in the health sector, compared to an average of 32% across all notifications, according to the Office of the Australian Information Commissioner’s Notifiable Data Breaches Report.

And the day after the ACSC’s ransomware warning came news that South Australian aged care provider Regis, which cares for more than 6700 residents across 63 facilities, was the target of a ransomware attack.

According to the Australian Financial Review, documents with details of individual residents’ care and accommodation agreements, employee appraisals and passwords relating to one residential aged care home in Adelaide were posted to a public website.

While Regis told the Australian stock exchange that the attack had not affected service delivery or day-to-day operations, the organisation would have had to spend significant time and resources trying to ‘deep clean’ its IT systems and protect from any future cyber-incidents.

One can never tell what else cyber-criminals have planted or left behind in already compromised systems.

When Home Affairs minister Peter Dutton presented the refreshed Cyber Security strategy earlier this month, it was largely criticised for containing metrics not directly connected to realistic outcomes. 

Many levels of government have identified healthcare, especially hospitals and aged centre centres, as a prime target for cyber-attacks.

The strategy states that the minister will periodically update the action plan and “report to the Australian Government and the community on measures to continually enhance Australia’s cybersecurity”.

There is a clear and urgent need to address shortcomings in the healthcare sector’s cyber-safety preparedness or risk paying a high price for lack of action.

Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
Trend Micro launches cloud native security solution for modern applications and APIs
“Application security is an invaluable part of the Cloud One platform, integrating technology to provide superior protection for customers deploying applications wherever it makes the most sense for them."More
Story image
Remote working to accelerate cyber attacks - WatchGuard
"During 2021, attackers will seek out vulnerabilities in home networks with the objective of infecting connected corporate devices."More
Link image
The definitive checklist to distinguish a broken authentication system
An improper or insecure implementation of authentication is a critical web application security risk. This checklist will discern the good from the bad.More
Story image
Singapore makes an example of remote working in APAC, but security concerns persist
Respondents are most concerned about WiFi networks (39%), cloud storage (38%), email (36%), new technologies like IoT and 5G (34%), and video conferencing platforms (31%).More
Story image
rhipe adds Octopus licensing solutions to distie portfolio
The addition of Octopus Cloud provides rhipe partners with licensing solutions and management processes to support cloud transformation initiatives.More