The Moisès Broggi centers in Sant Joan Despí, the Dos de Maig in Barcelona and the Creu Roja in L’Hospitalet are affected by a ‘ransomware’-type attack that kidnaps data to ask for an economic ransom
The Comprehensive Sanitary Consortium suffered a cyberattack on three large hospitals this Friday morning: Moisès Broggi in Sant Joan Despithe Two of May of Barcelona and the Red Creu of L’Hospitalet. They are also affected by up to a dozen different outpatients Y residences, all of them belonging to the CSI. Specifically, the affected centers are, in addition to the aforementioned hospitals, the CHAP Sagrada Família, Collblanc and Torrassa, two nursing homes and specialized centers in Sant Feliu and Cornellà. The Minister of Health, Joseph Maria Argimonhas assured that the attack is “serious”.
The attack has affected the operation in the centers. Staff cannot view records, schedule, or perform system-dependent tests such as X-rays. “It’s chaos. We’re doing the reports by hand“, explain affected doctors, who have been warned that until tomorrow “at least” the problem will not be solved. Emergency consultations are guaranteed, according to a spokeswoman for the Moisès Broggi hospital. In the case of the centers of primary carework normally, although without computer service.
data hijacking
The computer assault detected this past dawn it is a type ‘ransomware‘, method with which cybercriminals hijack data or access to computers in order to demand the payment of an economic ransom to release them. This has been confirmed by sources from the Agència Catalana de Ciberseguretat to EL PERIÓDICO, from the Prensa Ibérica group, who have not specified whether the Generalitat is negotiating any rescue.
The attack mainly affects necessary devices to carry out tests and visits to specialists, as El País has advanced and sources from the Ministry of Health have confirmed to this newspaper, who assure that work is being done to solve the incident as soon as possible. Both Salut and the agency in charge of the cybersecurity of the Catalan institutions have activated “containment measures to mitigate and minimize the impact”.
ongoing investigation
The Catalan Cybersecurity Agency has opened an investigation to determine the origin of the attack, as well as the affectation to be able to determine the terms of recovery of the system. Sources consulted have pointed out that the cyberattack is “quite important”. The Catalan Agency for the Protection of Dades (APDCAT), for its part, has confirmed to this newspaper that they still do not have any complaint or notification of a security violation, which is due to the fact that the investigation is still ongoing.
The Moisès Broggi Hospital already suffered a similar cyberattack in August a couple of years ago. Back then, another virus of the type ‘ransomware‘ infiltrated individual computers at the center and blocked their access for ransom. Being a critical infrastructure for the health of citizens, hospitals have become a juicy target for cybercriminalswho play on the urgency of their victims in their blackmail to obtain that payment.
Unlike what happened then, this time the hospital has all the Backups a day, which would minimize the impact of a computer attack of which most details are still unknown.