On Tuesday this week, that is June 9, 2020, Life Healthcare Group announced that its southern African operation had been the target and victim of a cybercrime incident on its IT systems.
Even the group stated that it acted immediately on becoming aware of the incident and took its systems offline, in order to actively contain the attack, it’s as yet not established the extent of the attack and which sensitive data has been compromised as investigations are still underway.
In the meantime, the firm has invited external cyber security experts and forensic teams to advise and supplement its internal team’s and capacity while reporting the incident to the relevant authorities.
The firm has also assured the public that patient care has not been impacted and Life Healthcare “continues to provide quality healthcare across all of its hospitals and clinics, with patient care continuing to be our foremost priority.”
“In line with our business continuity plans, our hospitals and administrative offices have switched over to backup manual processing systems and continue to function, albeit and regrettably, with some administrative delays. The security incident has affected admissions systems, business processing systems and email servers. We immediately took these offline as a precautionary measure to contain the attack, conduct our investigations, and where necessary commence remediation,” the group said.
Pieter Van der Westhuizen, Life Healthcare Group’s acting CEO said in a statement: “First, and foremost, we wish to assure all the communities within which we operate, that this criminal attack on our systems will not affect the quality care and clinical excellence we aim to provide. Patient care remains our key priority. We are deeply disappointed and saddened that criminals would attack our facilities during such a time, when we are all working tirelessly and collectively to fight the COVID-19 pandemic. However, we will not be distracted, and will continue to place our patients first. We regret that the disruption caused by this criminal act may cause our patients some frustration, in what is already a trying time. We recognise and thank our employees, doctors and service providers for their dedication, and the professionalism they have shown by quickly adopting our manual backup systems. Our investigations continue and we are working around-the-clock to restore the affected systems.”
The Life Healthcare breach is the latest reminder that cybercriminals across the globe are working round the clock to exploit the current Covid-19 crisis for their individual, or collective, gain.
Reacting to the breach, Eugene Kaspersky, CEO of Kaspersky, commented: “The recently reported cyberattack on a healthcare institution in South Africa highlights yet again the harsh reality that cybercriminals across the globe are continually on the look-out for ways to exploit the COVID-19 pandemic for their own gain. Regrettably, during the past months, we’ve seen many cyberattacks on hospitals and health institutions around the world, and we consider them to be nothing less than terrorist attacks. Given that this global pandemic will likely continue for some time, we expect cybercriminals to keep exploiting the Coronavirus situation and, alas, we cannot rule out other healthcare institutions being targeted in future.”
Kaspersky currently offers free access to our B2B products to healthcare institutions and advise all representatives within this sector to leverage this support.
Furthermore, Kaspersky also provides advisory services to medical institutions. Following the incident, Kaspersky urges healthcare providers to follow the below-recommended cybersecurity practices and measures:
- Install all security updates as soon as they appear. Most cyberattacks exploit vulnerabilities that have already been reported and addressed and so installing the latest security updates reduces the risk of a possible attack.
- Remote access to corporate networks must be protected via a VPN and the use of secure passwords for domain accounts is critical.
- Any device operating system (OS) must be updated, to eliminate recent vulnerabilities
- Make use of a robust security solution with updated databases as well as a reliable endpoint security solution to protect corporate data from possible threats.
- Educate employees through cybersecurity awareness training – for both medical personnel and administration employees – about cybersecurity hygiene and practices. This can be done online and should cover essential practices, such as account and password management, email security, endpoint security and web browsing. Kaspersky and Area9 Lyceum have prepared a free course to support during this time.