According to a senior official, a day after Israel’s health system became the victim of the largest cyberattack in history, Hillel Yaf Medical Center still does not know how much damage has been done and does not know when they will return to normal operation. Will find .
Dr. Amnon Ben Moshe, administrative director of the Hadera Institute, said staff still do not have access to the main systems used for viewing and updating hospital medical records and administration.
Was hit by the hospital on Wednesday, still unsolved ransomware attack, forcing it to shut down its technology network and cause delays in care.
“We are in a similar situation as yesterday, when we identified the situation and saw cyberattacks,” he told The Times of Israel.
Questioning the current situation, Ben Moshe said: “We don’t know the extent of the damage.” About the timing of getting back to normal, he said: “We have no idea. We just worked all night. “
Cyber security experts say that this process can be very long.
Ido Geffen, vice president of CyberMDX, an Israeli startup that provides cybersecurity solutions for medical devices and diagnostic assets, told The Times of Israel that full recovery of data could take months.
Cyber security consultant and cyber resilience expert Einat Meuron said: “There is a long road ahead to recovery. For example we have seen similar incidents in the US, Belgium and Portugal where hospitals were attacked, and they were almost Three to six months were needed where they could start working. [normally] Then.”
Channel 12 reported on Thursday that the attackers left an email address on the attacked servers. An outside company acting on behalf of the hospital contacted the hackers, who demanded a $10 million ransom.
The report stated that as a government hospital he was barred from paying the ransom.
A ward, as staff try, at Hillel Yaffe Medical Center on October 14, 2021. Management without regular IT systems (Courtesy of Hillel Yaffe Medical Center)
At Hillel Yaf, some non-urgent procedures have been canceled, but much of the hospital work continues, using alternative IT systems, some of which have been specially installed. Doctors’ ability to access nationally held patient records that include their medical background (as opposed to internal hospital records) has not been impeded. That’s because Hillel Yaffe recently introduced hand-held devices that provide this access.
The hospital management in a statement on Thursday praised its staff for handling the new challenges well. “Medical work continues, with the efforts of cyber and computing experts to rehabilitate the computer system and investigate the incident and our team provides great feedback in meeting the current challenges.”
Cyber security experts say the attack could have been more serious, though it was serious. “In this attack, we know it came from the Internet, meaning an attacker gained access to the password and was then able to enter the network,” Geffen said. “The good thing is that as far as we know, no medical equipment or vital equipment was affected. In similar attacks in the US and Europe, critical equipment attached to patients was actually affected and this is a very bad situation.
He said: “Right now, the hospital is likely to be in the containment phase, trying to ensure that the attack does not spread and to ensure that all vital operations are still functioning. Then comes the investigation and recovery phase to determine what exactly happened and try to recover the data.
This is a lengthy process if the hospital has to ensure that no “backdoor”, i.e. malware by which unauthorized users can gain and gain access to security measures, is not left in place.
“This can take months because it is a meticulous operation to ensure that the hackers do not leave any back doors,” Geffen said.
