ATTACK LAUNCHED ON MAY 9. PATIENT RECORDS REMAIN INACCESSIBLE.
The country’s government, Naalakkersuisut, has said that Greenland’s healthcare system is ‘severely limited’ because of a cyber attack. Even after two weeks, the effects of the attack have not subsided despite government’s efforts to revive the system.
The immediate response to the attack was to restart all IT systems but this action led to severing of access to all patient records. A government statement issued recently reads, “Health services are severely limited and increased waiting times are to be expected while some might miss their appointments.”
The government has further confirmed that the attack has also induced malfunctioning in the healthcare service’s email system. They have, therefore, asked the citizens to call up the hospitals for any urgent requests.
So far, authorities have not revealed about the nature of attack. Neither have they responded to requests for comment. The Information Security Media Group requested for details about the nature of cyber attack but the government officials chose to remain silent. Initial investigations have only established the fact that the patients’ data was neither stolen nor damaged.
Doktor.gl is an online portal used by the healthcare authorities and patients. Often, the citizens use the portal for clinical appointments. The patients also use the communication platform to renew prescriptions. Until this condition persists, the government has requested the citizens to refresh their prescriptions at Queen Ingrid’s Health Center in Nuuk, the capital of Greenland. According to the latest government notification, “the health service continues to have some IT challenges after the cyber attack.” Because of the system crash, doctor.gl went offline and will remain that way until the cyber security response team finds a solution. The officials have asked the citizens to use phone lines to contact the healthcare facilities to fulfill their needs.
It is a common observation that threat actors often target healthcare organizations for ransomware attacks, knowing fully well that governments cannot afford to wait for a long time. They are inclined to pay the ransom and get back to the routine. But the trouble is hackers are not bound by any ethical standard. Usually, they do not restore the systems after the payment of ransom. They demand more.
Attackers are also after personal information of patients. Such data can later be sold for lucrative profits. The Hive, a ransomware group recently stole nearly a million personal details and information records from Partnership Health Plan (PHP) of California.
Hackers do this routinely and with ease because healthcare facilities are not well equipped to face an attack. Obviously, the system design was aimed at providing facility to patients. Fighting off hackers and organized criminals was never their intended purpose.
It is now the job of system analysts and coders to design software that does not easily succumb to attacks. The systems have to be foolproof to ensure smooth operations at healthcare facilities.
First comment
Second comment
tesasdasda