Hacks into Health Data Continue, with The Most Recent Victim Being A Cancer Center.

Post Views: 265

There appears to be much time in one day without another instance of a cybercrime occurrence. The Crown Princess Mary Cancer Centre in Westmead Hospital in Sydney is the target of the most recent cyber attack. Hundreds of thousands of records are allegedly missing, and the cybercriminal gang Medusa has demanded them a hefty amount of ransom.

The criminal organization appears to be employing double extortion, which has grown into a widespread practice. Whenever this happens, hackers frequently offer a “sample” to back up their assertions and demand payment to “release” the information to the corporation.

The criminal groups then escalate the situation by setting a time limit of seven days for payment and threatening to publish the information on their websites if it isn’t.

For US$10,000, Medusa is giving a variety of alternatives, including the ability to download and/or erase the material from the gang after it has been released to the public.

What will occur on the morning of Friday if the price of ransom remains unpaid is not yet known. The Medusa Blog, on the other hand, grants free access to information taken from prior victims who missed the deadline for ransom payments.

The “second-most active cyber extortion group in the Pacific” is Medusa, according to CyberCX. Since the start of 2023, Medusa has been looking to hijack datasets of varied enterprises in Australia and New Zealand.

Why Target Health Services?

Cyberattacks on the healthcare industry are risky. While certain hackers were able to avoid targeting hospitals and educational institutions in the past, it appears that this is no longer the case.

Given the importance of understanding the services and information these institutions hold, it is not unexpected to observe numerous ransomware attacks targeted against vital healthcare infrastructure.

Elective surgeries had to be delayed as a consequence of attacks on Medibank, a Melbourne Heart Group, and Eastern Health, which runs four medical facilities in Melbourne’s east. These are only a few of the major instances that have targeted the Australian health systems.

According to software giant Microsoft, the medical sector (and related businesses) are one of the top objectives for hackers.

What Are The Impacts?

The health sector handles our most sensitive information, and none of us desire this information in unauthorized hands. In addition to privacy concerns, stopping regular operations in a medical center poses an imminent danger.

According to a recent analysis, 374 attacks involving ransomware that compromised roughly 42 million patients’ confidential health data occurred between 2016 and 2021 at US healthcare providers.

Moreover, healthcare services were impacted by about half of all ransomware attacks, with effects such as electronic system outages, cancellations of appointments, and ambulance divergence.

Why Do They Keep Happening?

Undoubtedly, medical technology has enhanced therapy and patient care in general. Although the development of technology is good for medical services, it also makes health systems more vulnerable to cybercriminals.

The communication among clinical systems and healthcare equipment is growing with each passing year. In addition, the healthcare industry requires more personnel and must rely largely on internet-connected or “digital health” solutions. The complexity and security of health systems are increased by how they are interconnected.

With a small number of organizations supported by the government, financial gain is the main driving force behind cybercrime. Unquestionably, the healthcare industry is one of the most lucrative targets since, in the end, lives are on the line, and organizations are more willing to pay a ransom if their security is hacked.

Cybercriminals take advantage of this, and these occurrences will probably keep happening even with improved cybersecurity in the industry and excellent governance.