kras99 - stock.adobe.com
Australian healthcare service provider UnitingCare Queensland (UCQ) has restored its systems and applications following a cyber attack in April 2021.
They include key corporate systems, as well as many of the integrations between applications that support its business processes.
UCQ, which also provides aged care services, said it will continue to work with third-party incident response and threat eradication specialists to ensure integrity across its digital environment, and that it has taken rigorous measures to identify, contain and eradicate the threats responsible.
“We have also introduced improved security controls across our digital environment, including increased process controls, and have implemented a market-leading endpoint detect-and-response solution to provide ongoing protection,” it added.
Meanwhile, UCQ has instructed external legal advisers to assist with responding to the incident from a privacy perspective.
“Based on our assessment to date, there is no evidence that the health and safety of our patients, residents or clients has been in any way compromised as a result of this cyber incident,” it said.
About a week after the attack, UCQ revealed that an external group called REvil/Sodin had claimed responsibility for the incident.
Jacqueline Jayne, security awareness advocate at KnowBe4, said aged care facilities are very attractive targets for cyber criminals because of the nature of the information they hold on their patients – information that, once obtained, can be used for identity theft and sold multiple times on the dark web.
“This is not only health-related data, as the addition of personally identifiable information is also there for the taking,” said Jayne. “Once illegal access has been obtained into an aged care facility, there is also information available for employees, vendors, general business information which provides even more reason for cyber criminals to target this sector.”
Read more about cyber security in Australia
- Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident.
- Australian state agency Transport for New South Wales is the latest victim of the supply chain attack against Accellion’s legacy file transfer system.
- Australia’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas.
- Supply chain security risks can wreak havoc for Australian firms if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm.
Rick McElroy, principal cyber security strategist at VMware’s security business, said the incident highlights the vulnerability of Australia’s healthcare sector to cyber attacks.
“While the attack methods may vary, most cyber criminals are motivated by a financial incentive,” he said. “Given the critical nature of data at healthcare organisations, they are often a prime target for attacks, as cyber criminals know patient care is on the line and organisations are more apt to pay.”
Last year, nearly three in four Australian organisations experienced cyber attacks, of which 89% suffered more attacks since more of their employees started working from home, according to a new VMware study.
Australia’s manufacturing industry was the hardest hit, with 91% of manufacturing sector respondents experiencing attack increases at an above-average 40%. Respondents from the healthcare sector fared better than average, with 68% reporting attack volume increases.