[ad_1]
From: TT
Published:
Photo: Jenny Kane / AP / TT
The attackers’ new method is to establish themselves on the network before attacking and encrypt files. Stock Photography.
Hacker attacks with extortion programs run the risk of knocking out the health care medical records system, warns MSB. The authority sees signs of increased activity with campaigns targeting Sweden.
In Sweden, both public and private activities have been affected by so-called ransomware attacks in the last year. Such an attack at this time would hit the Swedish healthcare system hard, which is under pressure due to the spread of the crown, writes the Swedish Civil Contingencies Agency (MSB) in a report last summer.
Ransomware attacks involve hackers hacking and hijacking all or part of a company’s IT system. Information in the system is encrypted, impossible for employees to access. Thereafter, the perpetrators threaten to release the confidential information unless a ransom is paid.
The blackmail programs would likely affect healthcare more than other sectors, says Peter Jonegård, a unit manager at Cert-se, which helps society deal with and prevent IT incidents.
The healthcare sector has previously shown that it is capable of managing when medical record systems go down by activating so-called continuity plans. So the handling must be done more via paper and telephone, and it also becomes very cumbersome for the staff. If an attack were to take place now during the corona pandemic, an already strained business would be affected.
– Everything gets a little more complicated when you don’t have the usual computer support. And they don’t have as many staff, says Peter Jonegård.
New attacks in the United States
Recently, US authorities, including the FBI, warned the healthcare sector in the US about the increase in threats from ransomware players. Therefore, CERT-SE, which is a function within MSB, launched an information campaign in June, targeting healthcare providers, technicians, and decision makers in the regions of the country. According to Peter Jonegård, it is about taking precautionary measures to protect the regions’ networks.
– What we are doing now is sending more specific information to hospitals and regions that adapt to this threat. We analyze the tools of ransomware campaigns and provide information on how to protect yourself and also detect possible intrusions, says Jonegård.
For a year, the blackmail attempts have changed character. Previously, perpetrators seized a computer when, for example, an employee clicked on a link in an email. The files on the computer, which were often visible to the user, were then encrypted.
Recently, criminals are trying to find a way to intrude, it may be through a vulnerability in a server or, as before, through email, to open a back door in the computer so that they can get back into the IT environment. It does not encrypt the files at the same time, but make sure you become a system administrator so that, for example, you can delete the backups first. They then try to spread the encryption over local networks.
– You establish yourself in the net before attacking, says Peter Jonegård.
FRA and Säpo
According to the MSB, this is what healthcare must be prepared for, for example by taking technical measures. Together with the police, security police and the Swedish Armed Forces radio station, MSB has previously produced recommendations on how you can increase resistance to attacks in healthcare.
IT security in the healthcare sector is neither worse nor better than in any other sector, according to Peter Jonegård. Because there are so many different care providers with subcontractors, it is highly variable.
– There are those who have great teams that work with this, which is a great area of contact for us. Then there are those who don’t have the resources for this, perhaps smaller organizations. Like most other companies, functionality or accessibility comes first, and it’s hard to count IT security until something has happened.
Published:
