Massive attack on the Norwegian healthcare provider, Health South-East RHF

February 7, 2018

Massive attack on the Norwegian healthcare provider, Health South-East RHF

A Norwegian healthcare provider, Health South-East RHF, is investigating an unauthorised intrusion into its IT systems which may have breached the personal data of over half the country’s population. Health South-East RHF delivers healthcare through 15 health trusts and a network of 19 pharmacies, covering nearly three million of the five million inhabitants of Norway.

Motives for the attack are not yet known but the hack that took place, early January, has been identified as ‘advanced and professional’ by HelseCERT (Norway’s healthcare CERT division). They sounded the alarm after noticing abnormal activity on the network of Health South-East RHF and realising something was wrong. Subsequently discovering that sensitive patient data (personal data and health records) may have been obtained in the hacking incident.

Norway’s Ministry of Health and Care said, “there is so far no indication that the theft has had consequences for patient safety.”

This is a massive breach of personal information. There is the potential that over half of the population of Norway may be impacted by this breach and their sensitive data is likely in the hands of criminals.

The breach is being investigated by Norway’s police, national security authority and military police, but they have yet to establish its extent or whether patient data has been compromised. The investigation is still ongoing.

Unlike the WannaCry outbreak that affected health services in England in May 2017, the attack on Health South-East RHF appears to have been a targeted attempt to access patient data.

Many wonder why health data is readily targeted. It’s easily explained. Digital healthcare has advanced to satisfy the demands of connected healthcare technology and to improve patient care and treatment. This means that digital health data kept within the sector has grown in volumes and will continue to do so. Since the health sector forms part of all countries critical national infrastructure and is a treasure trove of sensitive personal data, it is an attractive target for hackers.

This wealth of data is very valuable on the black market and unlike credit card details that can be changed if compromised, sensitive patient data cannot-it is what it is! This data which often includes names, birth dates, policy numbers, diagnosis codes, social security numbers and billing information, is useful for a much longer period of time and can be used for identity theft. The impact on the data subject is pronounced and lasting.

Therefore, there is a growing threat of cyber-attacks on the health sector to steal patient data, disrupt services and even place lives at risk. It’s crucial that this data is protected and that the risk is managed to ensure the security and safety of people and their data.

This particular incident raises the question of whether health services (which are becoming an ever more appealing target) are taking proper measures to secure the masses of data it holds on their citizens.