Hospital Clinic de Barcelona has fallen victim to a cyberattack orchestrated by the notorious Ransom House cybercrime gang. The attack left the hospital's computer system in shambles and led to the cancellation of 150 non-urgent operations and up to 3,000 patient checkups.
After the incident, the hospital started redirecting new urgent cases to other regional health centers.
The threat actors attacked without remorse, spreading their malware through systems at the hospital’s emergency room, laboratories and pharmacy “at three main centers and several external clinics.”
Hospital director Antoni Castells is reserved about the state of the systems and their restoration, saying that the center’s management “can’t make any prediction as to when the system will be back up to normal.”
Catalonia’s Cybersecurity Agency pointed to Ransom House as the perpetrator of the vicious attack, which it says was launched from outside of Spain. The agency is working on restoring the health center’s system.
Reportedly, the threat actors have yet to deliver a ransom demand. However, according to regional government telecommunications secretary Segi Marcén, Spanish authorities will refuse to pay.
While the hospital failed to say whether the incident exposed the facility to a data breach, reports indicated that the attack severed communications between units and cut off access to patient records.
The recent cyber-attack on the Hospital de Barcelona underscores the growing threat posed by cybercrooks increasingly targeting critical healthcare infrastructure. In December, a novel ransomware campaign dubbed Royal hit several healthcare organizations in the US.
To prevent similar incidents, medical centers and other healthcare providers must remain vigilant against threat actors and their malicious campaigns and take all precautions needed to stave them off.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsDecember 19, 2024
November 14, 2024