Cyber ​​attacks against health care more and more numerous (and harmful) – time.news

As he writes Luciano Florida in his latest book The Ethics of Artificial Intelligence. Developments, opportunities, challenges (Raffaello Cortina publisher) we are in the very first phase of building our digital realities. We can build them well, before they start to influence and shape us and future generations in the wrong way. In the world of cyber crime, artificial intelligence has unfortunately already taken a dangerous drift for some time. The exponential increase in cyber attacks directed against the healthcare sector, in the last five years, it has been a clear proof of this. The 2022 Report that Clusit – Italian Association for IT Security – has just presented tells how incidents are on the rise and the most feared threat remains ransomware, which encrypts data and holds it hostage until a ransom is paid.

Digital assaults against a vital sector

Above all, the severity of the attacks is growing and this is the most worrying element, an indication of the fact that criminals are determined to cause as much damage as possible to a sector of crucial importance to the populationso be sure to maximize your profits stresses Sofia Scozzari of the Clusit Scientific Committee. In 2021 digital attacks on this sector were 262 and represent 13% of the total (they were 10% in 2018 and 11% in 2019 and 2020). The main motivation always remains it cybercrime (99% of cases).

Geography of the victims

Regarding the geography of victims in health care, in America the prevalence of attacks was recorded (78% in 2021, 10% of the total, + 1.4% compared to 2020). On the other hand, in the general sample the American continent the target designated in most cases (45%). I’m also increased due to raids on targets in Europe (15% in 2021, 2% of the total, + 0.6% compared to 2020), while those towards Asia remained stable (0.5% of the total, as in 2020).

The most used techniques

From a technological point of view, the main threat remained malware (in fact, ransomware) with 40% of attacks on the sector in 2021, a situation that remains almost unchanged from 2020 (5.1% of the total in 2021, 4.9% in 2020). On the other hand, data breaches are on the rise, or the theft of personal data of patients, including medical records. As we said, the severity of the attacks on the healthcare sector is worrying: in 2021 19% was critical and 58% high. In other words, in almost 80% of cases we are talking about attacks with major or dramatic impacts. Worsening the picture is the fact that attacks with severity critical increase compared to previous years (2.5% of the total, + 2.3%), as well as high-type attacks (7.4% of the total, +2, 9%), adds the Clusit expert.

The most striking cases in the world

Some examples? In Ireland, Hse (Health service executive) that the country’s health and social services provider suffered a severe ransomware attack by the country in May. Conti gang (sided with Vladimir Putin, by the way): the criminals asked for a ransom of 20 million dollars, but HSE refused to pay. The attack caused severe consequences for the systems, causing various disruptions, so much so that patients were asked to go to the emergency room only in the event of a real emergency and in any case to expect long delays. However, some hospitals in the country have been forced to cancel all outpatient appointments. In the United States in August, the Memorial health systema non-profit organization that runs numerous hospitals, clinics and health centers, was hit by a ransomware attack that forced hospitals to do without computers and go back to using paper. All urgent surgeries and radiological examinations for the following days were canceled because of the attack. The consequences were so severe that the MHS said it had negotiated the payment of the ransom with the criminals to restore operations as soon as possible.

And in our country

And in Italy? The object of the attention of cyber crime was the Monzino Cardiology Center in Milanin April, and theSan Giovanni Addolorata hospital in Rome in September, in addition to various local, regional or provincial health authorities (Umbria, Tuscany, Savona, Rome, Messina, Lecco). In most cases these were ransomware attacks (unpaid, ed), with medium-high or critical severity, says Sofia Scozzari. The most striking was undoubtedly the ransomware attack suffered by the Lazio Region in August, which caused the forced shutdown of the Covid-19 vaccine booking portal. The system went haywire, causing reservations to be suspended due to the impossibility of accessing it and the slowing down of the operating procedures of administration, because it was necessary to conduct them manually.