[BreachExchange] Cyber-attack disrupts cancer care across U.S.

Destry Winant destry at riskbasedsecurity.com
Thu Apr 29 10:32:05 EDT 2021


https://www.securityinfowatch.com/healthcare/news/21220570/cyberattack-disrupts-cancer-care-across-us

Apr. 28—Some cancer patients across the U.S. saw their high-tech radiation
treatment delayed or disrupted in recent days after a medical systems
company with U.S. headquarters in Dunwoody suffered a cyberattack.

Elekta, a Swedish company with global headquarters in Stockholm, provides
precision cancer radiation treatment software to some of the most
prestigious health care facilities in the country. Yale New Haven Health
System was among those whose cancer care machines went down over the last
week due to the breach, only coming back online this Monday, a Yale
spokesman said.

In Georgia, Emory Healthcare also confirmed that some of its patients at
Emory St. Joseph's Hospital were shifted to other Emory hospitals following
the breach of Elekta's software for linear accelerators used in radiation
therapy. St. Joseph's is Emory's only hospital that uses Elekta, a
spokeswoman said.

"Emory Healthcare takes this event very seriously," said the spokeswoman,
Janet Christenbury.

A cancer patient at Emory Healthcare told The Atlanta Journal-Constitution
that his radiation treatment scheduled for last week was suddenly
rescheduled due to computer server issues. The patient did not want his
name used to protect the privacy of his treatment and said he did not know
the name of his radiation system.

"It's stressful enough" to have cancer treatment, the patient said. And
then "to have to deal with this."

The patient's treatment is expected to resume this week.

About 42 health care sites across the U.S. saw service disrupted as a
result of the breach, a spokesman for Elekta said.

"We are doing everything we can to get impacted customers up and running,"
Mattias Thorsson, Elekta's vice president of corporate communications, said
in an email. "We are working with each customer to find a solution that
works for them to get them treating as soon as possible, which is already
the case for some of them."

Other hospitals mentioned in news reports as affected by the breach
included Southcoast Health in Massachusetts, Lifespan Cancer Institute in
Rhode Island, and Rhode Island Hospital.

Hospitals and health care systems are increasingly targets of hackers. Some
hacks are aimed at stealing patient health information. Others are
"ransomware" attacks, designed to inflict maximum fear as the hacker seizes
control of the data or system in order to extort money. Elekta did not
release details of this particular attack.

Some experts have said the coronavirus pandemic left health care systems
easier targets because they are overwhelmed dealing with COVID-19.

Interpol, the international police organization, early in the pandemic said
that its cybercrime unit had detected "a significant increase" in
ransomware attacks targeting pandemic response institutions, adding that
"cybercriminals are using ransomware to hold hospitals and medical services
digitally hostage; preventing them from accessing vital files and systems
until a ransom is paid."

The hacking report Protenus Breach Barometer said healthcare hacking
incidents rose 42% in 2020. Other services estimated the increase at
25% to 55%.

Some of the cyberattacks could put patient care at risk, such as those that
target medical devices like insulin pumps or pacemakers.

Elekta works with cloud-based systems, and it said that as a protection it
took all its first-generation systems offline on April 22. Only some of its
170 customers nationwide were affected, Thorsson said. As part of its
response to the breach, it has sped up a migration that was in process,
transferring those customers to the Microsoft Azure cloud.

It is also working with cyber experts and law enforcement investigators
including the FBI to understand what happened.

Caleb Barlow, CEO of the Texas-based cybersecurity consulting firm
CynergisTek, in comments to the news organization MedTechDive, echoed that
healthcare is being targeted in the pandemic. He added that there was also
more opportunity for hacking because of the pandemic's shift to remote care
and communications.

"The bad guys know healthcare is very vulnerable," Barlow said.

CANCER TREATMENT BREACH

Cybersecurity experts said healthcare data breaches had spiked during the
pandemic, as hackers try to take advantage of a weak moment in the health
system. Often they are trying to take control of data, or a crucial system,
in order to demand ransom payment to give the control back. Elekta did not
give details about this hack. Here are some points:

Who: Elekta, based in Sweden with North American headquarters in Dunwoody,
makes precision cancer radiation treatment systems. It uses cloud computer
technology.

What: Some hospitals that use the systems reported the systems going
offline. Elekta said it suffered a "data security incident."

When: The incidents started last week, and Elekta took its first-generation
systems offline April 22. It is working with hospitals to go back online
this week. Yale New Haven is back online.