Blog

Almost a week ago, some of Victoria’s major regional hospitals have been hacked in ransomware that has forced healthcare providers to go offline. The Victorian Government is investigating the scale of this cyberattack that includes hospitals in Geelong, Warrnambool, Colac, Warragul, Sale, and Bairnsdale. The attack has caused delays in outpatient care and surgeries. However, it is still not obvious if patient information has been accessed or not. The state government cyber-security experts have spoken to their federal counterparts to take noticeable action. Looks like the state’s hospitals need to invest in cybersecurity testing services to stay safe and avoid similar incidents in the future. 

A Similar Hack that Accessed Sensitive Patient Data

This hack comes after Victoria’s Auditor-General Andrew Greaves revealed in May, that he had successfully hacked into the IT systems of some biggest hospitals. He also stated that he had accessed sensitive patient data, highlighting serious cybersecurity vulnerabilities. He highlighted that the cybersecurity needed improvement, yet it is still under question if the necessary steps were taken to meet these vulnerabilities. A similar incident was reported in Queensland, where government systems were too weak to stand cyber-attacks and international espionage. 

Disruption to Patient Services but No Impact on Emergency Care

A Department of Premier and Cabinet spokesperson Daniel Andrews said, ‘The cyber incident, which was uncovered on Monday, has blocked access to several systems by the infiltration of ransomware, including financial management’. He added it could take weeks to secure the affected networks and clear out the virus. Additionally, he confirmed there would be some disruption to patient services but there will be no impact on emergency care. Andrews also pledged to notify any patients if their data or health records had been compromised by the hacks. 

The Investigation continues 

Federal and Victorian authorities investigate the matter and the team also includes the Australian Cyber Security Centre and part of the secretive Signals Directorate. David Cullen, principal advisor to the Victorian government on cyber incidents told reporters, ‘This will be a very long, complex and protracted forensic investigation. 

The University Hospital Emergency Department has reported that they are continuing to treat patients as they arrive. However, their data is not accessible since they have disconnected from the main servers. The department also said that the isolation had caused the shutdown of patient records and booking systems. Whereas, some hospitals had switched the manual system to attend their patients. 

Cyber-Security Experts called-in

Suelette Dreyfus, a cyber-security expert at the University of Melbourne said hospitals across the world have been targeted by cyber-attacks due to the valuable information they hold. He stated that the government needs to more to warn healthcare institutions of the potential risks. Such ransomware attacks are a reminder for healthcare experts to maintain cyber-security and enable two-factor authentication.