Łukasz Jesis, Xopero Software CEO, was invited as an expert to Polish television TVP reporter’s show devoted to hacker attack on one of Polish medical centers in the town of Zielona Góra.
Hospital electronic system was completely blocked by ransomware attack and the authorities of the facility found themselves in a difficult situation. The fact that the system had been blocked slowed down the work of the hospital and had a negative influence on the quality of patient support – all processes had to be done manually. The police are trying to determine the source of the attack.
According to Łukasz Jesis: “In this case, it is difficult to talk about a deliberate attack. For a hacker/a criminal, the advantage of taking control over a medical center is minimal. The most likely version is that it was an accidental attack caused by carelessness of the user who opened a suspected file, which resulted in disk encryption. For this reason, instead of using the word “attack” in this context, I would rather talk about the carelessness of one of the users and typical broad criminal activity.
About a year ago, in Ukraine, a big criminal group acting according to the same model, making annual profits of ca. 200 million euros, was dismantled. Hackers are apt social engineers – they send e-mails containing the words Invoice or Social Insurance information in their titles in order to make the recipients open them.
In order to prevent such situations as the one experienced by the medical center in Zielona Góra it is necessary to implement appropriate procedures connected with data safety, storage and access. They should among others forbid the opening of e-mails from unknown source as well as downloading of suspected attachments. It concerns in particular those institutions which are in possession of sensitive information which could be used in an inappropriate way.
It may be the case that what happened in Zielona Góra was caused by the lack of solutions of this kind.”