The hospital notified the Cybersecurity Agency of Catalonia the day before that it had suffered a ‘ransomware’-type cyberattack, which consists of disabling a computer system in exchange for payment to recover the information.
The general director of Secure&IT and cybersecurity expert, Francisco Valencia, explained to EFE that Ransom House consists “of a group of more or less coordinated people who carry out a virus, to which they give the same name as the ‘family'” of people who design it and make it available to whoever wants to buy it.
The group acts in the form of a provider, whose product is acquired by the person or group interested in perpetrating the attack, which at the same time needs a network of collaborators to help carry out the infection with the ‘malware’ (malicious program). , so the attack cannot be attributed to a brain, but rather to an “ecosystem”.
Regarding Ransom House, he stressed that it is an old ‘malware’, “that has been around since 2021 and at the time it was already attacking Canadian companies a lot”, the country for which it was designed, although later “it was widely distributed in the Latin American health environment ” in early 2022.
The cyberattack not only involves a blockade of hospital information
The expert stated that the attack not only involves a blocking of information, but that it may end up being exposed, and in this situation he expressed his support for the decision not to pay a ransom.
“We are not going to prevent them from publishing information and they are not going to follow the most basic ethical rule,” said Valencia, who also recalled that, even if the required amount is paid, they will probably sell the data “because they are criminals.”
The director of the Cybersecurity Agency of Catalonia, Tomàs Roy, stressed that the attack was perpetrated from outside Spain and that the criminal group responsible, the so-called Ransom House, has been identified.
Roy stressed that it is a “complex attack, which does not follow the classic ‘modus operandi’ and includes new techniques”, which is why they are still studying the extent of the damage, in collaboration with the Catalan regional police and Interpol.
The Hospital Clínic de Barcelona begins tomorrow to recover its activity
The Hospital Clínic de Barcelona has been able to reactivate access to part of its computer systems affected by the cyberattack and tomorrow it will resume external consultations with 10% activity, as well as in operating rooms, where they plan to recover between 40 and 50% of procedures.
The Barcelona hospital suffered the attack last Sunday, and the Cybersecurity Agency of Catalonia is working to recover the system and to identify the perpetrators, in collaboration with the Mossos d’Esquadra and Interpol.
Outpatient consultations will begin tomorrow with 10% activity, the Health Department has reported, warning that patients who can be visited will receive a call from the hospital to confirm their visit and those who reschedule their visit will be notified. soon.
Surgical activity will also resume and tomorrow it is planned to recover between 40% and 50% of operations at the Villarroel street facilities, selectively.