(Il Sole 24 Ore Radiocor). Dusserdolf, night of September 11th. Some paramedics are alerted to the deteriorating condition of a 78-year-old woman with an aortic aneurysm. What was supposed to be a simple routine withdrawal, turns into tragedy to the point of requiring immediate hospitalization of the patient, discovering
shortly after the special ward is closed with fatal consequences. A hacker attack, in fact, had compromised the digital infrastructure on which the hospital itself was based to coordinate doctors, beds and treatments, forcing the cancellation of hundreds of operations and other procedures.
A classic ransomware attack – the authors of the same had immediately asked for a “ransom” of 900 thousand euros in bitcoin – which well summarizes the potential, enormous risks inherent in a possible cyber offensive to structures or healthcare companies, as also demonstrated by the most famous and most recent case of the Lazio Region
All the flaws of the Italian health companies
She took care of all this Swascan, cyber security company led by Pierguido Iezzi and today belonging to the Tinexta group, listed on the Star segment of Piazza Affari, which has prepared a full-bodied report from which a rather clear and worrying result emerges: 80% of Italian healthcare companies are at hacker risk. The analysis, which measured the potential vulnerabilities of the sector, collects the results of a survey conducted on a sample of 20 companies selected among the top 100 by turnover in Italy. The data that emerges, as mentioned, is alarming: as many as 16 of them are not secure, with a number of vulnerabilities from 1 to over 50 and with a significant risk of cyber attacks.
Analyzing public and semi-public information on the web, dark web and deep web relating to the month of August 2021, the Swascan Security Operation Center (SOC) found in particular: 942 vulnerabilities in total, of which almost 90% of medium-high level ; 9,355 compromised emails (for an average of 468 per domain) and 239 IP addresses and 579 services exposed on the Internet.
The black market for medical records
The critical issues identified, through the Cyber Risk Indicators, highlight the risk that healthcare companies become easy prey, above all, of ransomware attacks aimed mainly at the theft of sensitive data: a very precious commodity on the dark web if you think that, according to a CBS report , one medical records can be sold up to $ 1,000 on the digital black market.