ChWapi, the hospital center of Picardy Wallonia in Tournai, Belgium, has been the latest victim of a cyberattack. On Monday, all non-emergency operations had to be cancelled. Fortunately, the hospital was able to resume scheduled operations with just a few hours delay. Contrary to rumors that are currently circulating, the hospital did not fall victim to a second attack on Tuesday.
Back to Pen and Paper
The cyberattack on the ChWapi hospital center happened last Sunday evening. At exactly 8:46 pm, no less than 80 of their 300 servers were encrypted by cybercriminals and therefore became inaccessible. With the personal data of patients no longer available, staff had to revert to pen and paper to record information.
This, of course, also caused delays. Some consultations could not take place, and all non-urgent operations had to be cancelled or postponed. On Monday, staff had to text or phone about a hundred patients to let them know.
Moreover, administrative staff working from home due to the coronavirus crisis could no longer access the center’s systems.
No Ransom Demand Yet
The hospital’s IT department worked through the night on Monday night to restart important servers and get their main systems back up and running. A team from the Computer Crime Unit of the federal police went to the site on Monday to assist.
So far, the cybercriminals have not yet made a ransom demand. Furthermore, according to the hospital’s communications department, at this point it appears that they haven’t stolen any data either.
The Computer Crime Unit did reveal that the technique that had been used is “some kind of mutant of a known computer virus.” Didier Delval, general director of the hospital center, revealed this in an interview with a local newspaper. He also confirmed that the center did not fall victim to a second attack on Tuesday, contrary to rumors that are currently circulating.
Ambulances Have to Be Diverted
The hospital was able to reopen operating rooms at their IMC and Notre-Dame sites on Tuesday. The operating room at the Union site is expected to reopen today. Covid-19 vaccinations are going ahead as planned.
However, the hospital remains closed for the Belgian emergency services. This means that ambulances, whose patients may be suffering from life-threatening medical situations, have to be diverted to nearby hospitals.
The hospital is doing its utmost to return to normal operations as soon as possible.
Life and Death
The pandemic has once again rubbed it in our faces: ransomware attacks and other digital dangers are an increasing threat to healthcare organizations.
In March, a DDoS attack took place on the computer systems of a French hospital group. Early September, a patient died in Germany after hackers shutdown the computer systems of a university hospital. A series of American hospitals, the largest hospital in the Czech Republic and healthcare organizations in the UK, the Netherlands and many other countries have also been attacked.
Computer viruses, malware, social engineering, hacks, brute force attacks … There are many ways in which cybercriminals can and do attack hospitals.
In fact, IBM’s annual Threat Intelligence Index shows time and again that the majority of these attacks start with human error. Sometimes, it only takes 1 click on a phishing email to compromise entire systems. And that’s easily done, especially in an environment where you have to be on your toes 24/7. The big difference with attacks on companies, where the financial ramifications can add up to astronomical sums, is that with hospitals it’s a matter of life and death.