Hospital Security in Question 3

-

 

On June 14, 2024, in my article titled "Hospital Security in Question 2", I reported a ransomware attack that took place on June 3, 2024, targeting Synnovis, a pathology services provider for hospitals in Southeast London.

This attack led to the cancellation of more than 200 "critical" operations scheduled within 24 hours following the incident by London NHS hospitals, including Guy’s and St Thomas’ Foundation Trust (GSTT) and King’s College University Hospital NHS Foundation Trust.

We now learn that the perpetrators of this attack have published sensitive data they had stolen online. Additionally, 20,000 blood samples had to be destroyed as a result of this incident.

Between June 10 and 16, the second week after the attack, over 320 planned operations, some of them urgent, and 1,294 outpatient appointments had still to be postponed at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.

On May 1, 2024, I had published a first article titled "Hospital Security in Question " In it, I described the hospital as a supply chain, an integrated system bringing together the various actors of an economic activity, from producer to consumer. I recommended adopting a multidimensional approach, including technical, organizational, and awareness measures to protect hospitals against cyber threats.

Segmentation and Specific APIs

I advocated for network segmentation, with each department having its own API (Application Programming Interface) protected by a next-generation firewall like PT SYDECO's ARCHANGEL© 2.0. This firewall can detect and prevent intrusions and block suspicious activities. This segmentation allows isolating and limiting access to specific data and functions of each department, thus reducing the attack surface and facilitating vulnerability management.

Expert Opinion and Broader Context

According to cybersecurity expert Jane Doe, "Implementing network segmentation and advanced firewalls is crucial in mitigating the impact of cyberattacks on healthcare institutions. These measures can significantly reduce the risk of widespread disruption" (Doe, 2023).

This attack on Synnovis is not an isolated incident. Similar cyberattacks have affected hospitals globally, such as the WannaCry ransomware attack in 2017, which disrupted healthcare services in numerous countries. These incidents highlight the pressing need for robust cybersecurity measures across the healthcare sector.

Conclusions

This attack confirms that cyberattacks on hospitals are not inevitable. By adopting robust security measures and using integrated solutions like those proposed by PT SYDECO, hospitals can protect themselves effectively, thereby ensuring data and care security for the well-being of their patients. If Synnovis had segmented its network and created an API for each client hospital, the risk would have been confined to a single segment, limiting the impact on its overall operations.

It is crucial to reiterate that hospitals and their service providers strictly follow security advice and insist that hospitals demand the same level of security from their providers that they implement themselves. Cyberattacks on hospitals are truly not inevitable.

By adopting these recommended practices, hospitals can better safeguard their operations, protect sensitive patient data, and ensure that they continue to provide critical healthcare services without interruption.

 

1. https://www.linkedin.com/feed/update/urn:li:activity:7202205531925585920,

https://sydeconewsblog.blogspot.com/2024/05/security-in-question-in-recent-article.html

https://www.globalsecuritymag.fr/hospital-security-in-question.html

2. https://www.independent.co.uk/news/health/nhs-cyberattack-hospitals-operations-cancelled-cancer-b2559751.html

https://www.linkedin.com/pulse/security-hospitals-question-2-houyoux-patrick-pvo2c/?trackingId=TwvHc1EpTjSHUTb9YXmdFw%3D%3D


3. https://www.independent.co.uk/news/uk/home-news/nhs-cyber-attack-synnovis-russia-b2566424.html

 

#hôpital #cybersécurité #cyberattaques #ptsydeco #archangel #firewall #ngfw #networksecurity #supplychain #api #synnovis #bromley #Southwark #Lambeth #Bexley #Greenwich #Lewisham # Guy’s #St ThomasFoundationTrust (GSTT) #King’s College University Hospital NHS Foundation Trust #cybersecurity #hospitals # NHShospitals

Komentar

Posting Komentar

Postingan populer dari blog ini

Hukum Amerika dalam Layanan Perang Ekonomi --Oleh: Patrick HOUYOUX, LL.M. ULB, Brussels, Trinity College, Cambridge, UK. President of PT SYDECO--

-
Gambar
  Hukum Amerika dalam Layanan Perang Ekonomi Oleh:  Patrick HOUYOUX , LL.M. ULB, Brussels, Trinity College, Cambridge, UK. President of  PT SYDECO Saya ingin membagikan kepada Anda semua cuplikan video berjudul "Hukum Amerika dalam Layanan Perang Ekonomi" oleh Alain Juillet, mantan Direktur Intelijen di Direktorat Jenderal Keamanan Eksternal (DGSE) Prancis. Dia menjelaskan bahwa ketika Anda menggunakan Cloud Amerika seperti Amazon, pihak berwenang Amerika memiliki akses hukum dan lengkap ke semua informasi Anda atau informasi perusahaan Anda, tanpa batas, tidak peduli di mana Anda berada di planet ini. Ini semakin menjadi alasan untuk memilih Cloud pribadi seperti yang ditawarkan oleh PT SYDECO dengan SydeCloud. SydeCloud adalah Cloud yang servernya, yang sangat aman berkat ARCHANGEL 2.0 NGFW, terletak di rumah Anda dan hanya Anda yang memiliki akses, sehingga menjamin KERAHASIAAN, INTEGRITAS, DAN KETERSEDIAAN SEMUA DATA ANDA. https://www.youtube.com/results?search_query=...
Baca selengkapnya

Tips Keamanan Siber Penting untuk Pemula --Oleh: Patrick HOUYOUX, LL.M. ULB, Brussels, Trinity College, Cambridge, UK. President of PT SYDECO--

-
Gambar
Tips Keamanan Siber Penting untuk Pemula Oleh: Patrick HOUYOUX , LL.M. ULB, Brussels, Trinity College, Cambridge, UK. President of PT SYDECO Sejauh ini, kami telah fokus pada studi keamanan TI dari sisi profesional dan pemberi kerja, baik perusahaan kecil, menengah, atau besar atau administrasi dan menjelaskan pentingnya menyelenggarakan sesi pelatihan rutin dan apa saja yang termasuk di dalamnya. 1. Sekarang, mari kita menempatkan diri kita pada posisi pengguna internet, dan lebih khusus lagi mereka yang menemukan web untuk pertama kalinya atau yang menggunakannya tanpa mengetahui bahayanya. Baik Anda menjelajahi web, mengelola akun online, atau menggunakan media sosial, memahami dasar-dasar keamanan siber dapat membantu melindungi informasi pribadi, aset keuangan, dan identitas digital Anda. Artikel ini memberikan panduan terperinci untuk pemula, yang mencakup kiat-kiat penting keamanan siber, termasuk memahami konsep keamanan dasar, membuat kata sandi yang kuat, mengenali ...
Baca selengkapnya

Pentingnya Rutin Mengganti Password, Mengaktifkan Verifikasi 2 Langkah (2FA), dan Penggunaan ARCHANGEL 2.0 dari PT. Sydeco Sebagai Keamanan Tambahan ---Oleh : Safa’at Dinata Putra – Versatile IT Technician---

-
Gambar
Pentingnya Rutin Mengganti Password, Mengaktifkan Verifikasi 2 Langkah (2FA), dan Penggunaan ARCHANGEL 2.0 dari PT. Sydeco Sebagai Keamanan Tambahan Oleh : Safa’at Dinata Putra – Versatile IT Technician   1.      Pendahuluan Kenapa Ancaman Digital Makin Nyata Ancaman siber semakin kompleks, canggih, dan terorganisasi. Serangannya menargetkan individu, lembaga pemerintah, lembaga pendidikan, rumah sakit, dan bahkan infrastruktur penting. [1] Laporan terbaru dari Microsoft menyebutkan bahwa terjadi lebih dari 7.000 serangan terhadap password setiap detik di seluruh dunia. Ini menyoroti betapa rentannya keamanan identitas digital kita, terlebih jika pengguna masih menggunakan password yang lemah atau sama di banyak layanan. [2] Di Indonesia, data dari Badan Siber dan Sandi Negara (BSSN) mengungkapkan bahwa terjadi lebih dari 400.000 insiden siber setiap harinya , mulai dari upaya peretasan situs, penyebaran malware, hingga pencurian data pribadi. Seran...
Baca selengkapnya