The Hospital Clínic notified the Cybersecurity Agency of Catalonia on Sunday, March 5, that it had suffered a cyberattack. As a consequence, the center had to cancel emergency, laboratory and pharmacy services. The cyberattack, launched by the cybercrime company Ransomhouse, affected the Clínic and the CAP Casanova, CAP Borrell and CAP Les Corts centers.
Specifically, the cyberattack received by the hospital was of the ransomware type. “A ransomware is a type of malicious program or malware that hijacks user data making it inaccessible. In this case, it encrypts the data to later request a ransom for the ‘key’ that allows access to them again,” explains Rafael López, Head of Solution Architecture EMEA/LATAM at Perception Point.
This type of malicious program infects the network with a very simple procedure. “The most common is that the malware arrives through an email attack or also SMS. Sometimes it can also be carried out through content downloads on web pages, mobile applications or links through social networks”, shares Miguel López, General Director of Barracuda Networks. In this sense, being a victim of phishing can be decisive in endangering an entity.
The consequences of the cyber attack on the Clínic were visible from the outset. “In a first stage we saw the direct consequences, such as the stoppage of the normal functioning of the entity, cancellation of visits and interventions,” recalls Miguel López. The problem is that the cyberattack can go one step further: “In a second stage, the attackers can use the stolen information to carry out future attacks directed at the organization itself or sell this data to third-party agents specialized in attacks,” says the expert.
In recent years, cyberattacks on organizations in the health sector have experienced a notable increase. But they are not the only entities in danger. “For more than a year, following the war in Ukraine, the critical infrastructures of NATO countries have been targeted by Russian-sponsored cyberterrorists. Strategic sectors such as the energy supply chain are, without a doubt, another of the most likely and dangerous targets”, says Rafael López.
The problem is that, although there are infrastructures that are more prone to these attacks, they are all vulnerable. “Any sector is susceptible to suffering this type of attack. Let us bear in mind that cybercrime has reached a very high level of professionalization, which is why it will be governed by cost and benefit criteria. In other words, it will prioritize attacks on entities that simply do not have an adequate level of protection for the value of the data that can be stolen or attacked. Let’s not think that because they are companies or entities that do not have a level of activity as critical as that of a hospital, they run less risk”, explains the General Director of Barracuda Networks.
The experts are clear. The only way to prevent these attacks is to invest in cybersecurity. “It is necessary to increase the levels of investment in IT security and adopt a comprehensive cybersecurity strategy that includes specialized personnel, specific cybersecurity solutions, both preventive and reactive, as well as backup tools designed to recover data in the event of an attack,” defends Miguel Lopez.
Along the same lines, Rafael López concludes: “Within the comprehensive cybersecurity strategy, it is essential to protect email and applications in cloud environments using tools that allow threats to be detected at an early stage. In addition, it must be accompanied by training and user awareness campaigns”.