Hillel Yaffe Medical Center in Hadera was trying to return to routine operations on Thursday, one day after the ransomware cyberattack that hit the hospital’s computer systems. But it appears that a large part of the data backup is unrecoverable. Management is looking for an alternative server but the damage from information loss is great. The cyber unit at police special investigations Lahav 433 is cooperating with international law enforcement agencies on finding who was behind the break-in. Police imposed a gag on releasing details of the investigation, including the identities of the hackers.
The attackers left their email address on the affected servers, expecting management to contact them for ransom negotiations. But the government-run hospital is not allowed by law to pay a ransom. Nevertheless, according to 12News, the hospital did authorize an outside company to contact the email address, to find out the hackers’ demands, and reported that the hackers demanded $10 million to release the encrypted data.
According to one study (Ransomware attacks on US healthcare organizations cost $20.8bn in 2020), more than 600 US healthcare organizations and more than 18 million patient records were affected in 2020 by ransomware hacking at an estimated cost of close to $21 billion.
Hillel Yaffe Director Dr. Mickey Dodkewitz told Ynet on Thursday that “there is no harm to medical treatments” and “all the equipment is working.” But Israeli cyber experts estimate that the hospital will continue to operate in an emergency for at least ten more days, and the attack may continue to impact hospital activities for months.
Meanwhile, Hillel Yaffe staff continue to rely on written communication, the pen and paper kind, and it isn’t clear how long it would take to find an alternative server. One can only imagine the magnitude of the damage in terms of lost patient reports and medical history.
Dr. Dodkevich confirmed: “We are concentrating on medical care, and that has not been harmed from the first phase. “We have identified the problem with our information security personnel, we disconnected the external information and communication systems and are working with alternative systems and manual registration. All the equipment in the hospital works, all the equipment – CT devices, Heart catheterizations, in this respect there’s no damage.”
Dr. Gabriel Chirardo, a surgeon at Hillel Yaffe, told News12 that “it’s a bit difficult to go back to those days. We don’t have computers, we don’t have a system, and the work is a bit delayed.”
Dr. Pavel Plachiansi, Deputy Director of Emergency Medicine, said that “there’s some delay in terms of getting lab results and the situation is, of course, erratic, but things have not gotten out of hand.”
Prof. Ariel Ronin, Director of Cardiac Medicine, stated: “We treat our patients and try to do everything right. What we knew how to do four days ago, we know how to do today, too. The computer helped us, but we continue to do the medical work.”
Here’s a sobering fact: in Israel, possibly the most computerized nation on the planet, the hospitals are not defined as part of the “critical infrastructure” and do not receive special cyber protection, never mind the fact that so many human lives depend on their operations. The critical infrastructure companies that are entitled to daily briefings of the national cyber system are the Israel Electric Company, Ben Gurion International Airport, and energy companies.
According to the Association of American Medical Colleges (AAMC), more than 1 in 3 healthcare organizations globally reported being hit by ransomware in 2020 (The growing threat of ransomware attacks on hospitals). And the healthcare sector experienced a 45% uptick since November 2020.
says Amar Yousif, MBA, chief information officer at UTHealth in Houston, noted that “Attackers understand that we’re talking about life and death. There’s a great incentive to just pay and get the thing unlocked so we can treat patients.”
According to Dean Sittig, Ph.D., professor of biomedical informatics at the School of Biomedical Informatics at UTHealth, “Cybercriminals try every hospital, every day; every computer, multiple times a day.”
It might be a good idea to extend cyber protection to Israeli hospitals right about now. Because staying alive is easily as important as making your flight from Ben Gurion.