Lockbit ransomware targets hospitals

LockBit ransomware, a notorious cybercriminal operation, has been increasingly targeting hospitals and healthcare facilities in recent months. This trend is deeply concerning, as it puts patient safety and critical medical services at risk.

Are the hospitals ready enough with the growing Lockbit ransomware attack and could save the Protected/Personal Health Information Data, which are very sensitive, remains a question mark.

The situation is very much alarming: Healthcare systems often have outdated IT infrastructure and lack robust cybersecurity measures, making them prime targets for ransomware attacks. A ransomware attack can cripple hospital operations, leading to the shutdown of electronic health records, diagnostic equipment, and even communication systems. This can delay diagnosis, treatment, and even put lives at risk.

Hospitals store sensitive patient data, including medical records, financial information, and social security numbers. A data breach caused by a ransomware attack could have devastating consequences for patients. With this Hospitals can incur significant financial losses due to ransomware attacks, including ransom payments, downtime, and data recovery costs.

In December 2023, LockBit affiliates attacked three hospitals in Germany, disrupting emergency room services. Three hospitals of the German hospital network KHO has feared to have been attacked by Lockbit ransomware. Together the three hospitals impacted have 1842 beds, 18 specialist departments and 820 doctors, and these numbers would give a fair idea of the impact.

The said attack happened on 24th Dec 2023 and severely impacted the systems that support the operations of the three hospitals. It is said that unknown actors gained access to the systems of IT infrastructure and were successful in encrypting data.

For security reasons, all systems were shut down immediately upon discovery and all necessary parties and institutions were informed. It could have dire repercussions for people in medical emergencies.

It's crucial to remember that hospitals are not just buildings; they are centers of care where lives are saved. Targeting them with ransomware attacks is not only unethical but also a serious threat to public health. We must take all necessary steps to protect our healthcare systems and ensure the safety of patients and medical professionals.

A concerning question arises, are our hospitals cyber safe? Can the best of the hospitals be made non-operational by a cyber-attack?

No hospital declares its cyber security preparedness. That seems to be a regulatory imperative as things stand now. A public disclosure should become a must.