SPAIN — One of Barcelona’s major hospitals has been hit by a ransomware cyberattack, causing the center’s computer system to be crippled and resulting in the cancellation of 150 non-urgent operations and up to 3,000 patient checkups, officials reported.
The attack occurred on Sunday at the Hospital Clinic de Barcelona, resulting in the shutdown of computers at the facility’s laboratories, emergency room, and pharmacy at three main centers and several external clinics.
The hospital’s director, Antoni Castells, stated in a news conference on Monday that they could not predict when the system would be back to normal.
He said the hospital’s contingency plan would enable them to function for several days, but he hoped the system would be fixed sooner.
The Catalonia regional government issued a statement that its Cybersecurity Agency was working to restore the system.
The agency has revealed that the attack was orchestrated from outside of Spain by a group called “Ransom House.”
However, hackers had not made any ransom demands, according to regional government telecommunications secretary Segi Marcén, who added that no money would be paid.
The hospital’s press department said that all written work was being done on paper, and the hospital was redirecting new urgent cases to other hospitals in the city.
The attack cut off access to patient records and communication between units, according to Spanish state news agency EFE.
This cyberattack is just the latest in a series of recent attacks targeting healthcare institutions worldwide, highlighting the growing threat of cybercrime and the need for robust cybersecurity measures to protect critical infrastructure.
These attacks can cause significant disruption, with some hospitals forced to cancel appointments and divert patients to other facilities.
In response to these threats, hospitals and healthcare providers must have robust cybersecurity measures in place.
This includes regular system backups, network monitoring, and employee training to detect and prevent phishing attacks.
Additionally, hospitals must have contingency plans in place to ensure continuity of care in the event of a cyberattack.
Cyberattacks lead to poor patient outcomes and increased mortality rates
A recent study conducted by the Ponemon Institute and Proofpoint, a cybersecurity compliance company, found that more than 20% of healthcare organizations surveyed reported increased patient mortality rates after experiencing a cyberattack.
The study, which surveyed 641 healthcare IT and security practitioners, discovered that delayed procedures and tests were the most common consequences of cyberattacks, along with longer patient stays.
Of the cyberattacks, ransomware had the most negative impact on patient care, with 64% of organizations stating that an attack led to procedure or test delays, and 59% reported longer patient stays.
The study found that the four most common cyberattacks – cloud compromises, ransomware, supply chain, and business email compromises – resulted in increased patient mortality rates for 23% of the organizations experiencing them.
The study also revealed that cyberattacks resulted in poor patient outcomes for 57% of those surveyed and increased complications from medical procedures for nearly half of them.
Additionally, the average total cost for the most expensive cyberattack experienced in the study was US$4.4 million, including US$1.1 million in lost productivity.
Healthcare providers have been targeted for their troves of detailed patient data, resulting in disruptions to hospital operations and acute patient care.
For instance, the April 2021 cyberattack at Tenet facilities disrupted acute patient care, while Universal Health Services experienced a similar cybersecurity incident in 2020 that cost the chain US$67 million.
Organizations can take steps to protect themselves from attacks by implementing training and awareness programs and employee monitoring, as the study revealed that “organizations recognize careless and negligent employees pose a significant risk.”
For all the latest healthcare industry news from Africa and the World, subscribe to our NEWSLETTER, and YouTube Channel, follow us on Twitter and LinkedIn, and like us on Facebook.
