• Life Healthcare has been hit by a "criminal attack" on its IT systems.
  • Across the world, hospitals have been big targets of ransomware attacks.
  • A cyber-security expert believes the Life attack is most likely a form of ransomware that locks systems in exchange for payment.
  • For more articles, go to www.BusinessInsider.co.za.

The cyber attack that has rocked Life Healthcare hospitals across the country is most likely a form of ransomware, according to cyber-security experts.

The group, which operates 66 hospitals in South Africa, announced yesterday that it was hit by a "criminal attack" on its IT systems.

Life Healthcare does not want to provide more information on the nature of the attack as investigations are still ongoing, and it says it is not yet sure to what extent "sensitive data" has been compromised.

However, the attack appears to have inflicted widespread damage. According to Life, "the security incident… affected admissions systems, business processing systems and email servers".

The attack has not affected patient care but has resulted in administrative delays as hospitals have been forced to switch to manual processing systems.

According to Dominic White, CEO of cyber-security firm SensePost, the wide nature of the attack "sounds like something viral, and not like someone who broke into the office and stole a laptop with sensitive information – and the most common viral attack these days is ransomware".

If true, that means hospital systems are essentially being held hostage by attackers, who typically encrypt computer data, locking employees out of their own systems. The attackers usually ask for payment, often in Bitcoin, to decrypt the system and re-enable access.

According to White, "hospitals are front and centre" right now. "Ransomware is pretty opportunistic and, because of the pressure on hospitals, attackers are guessing people will pay to make it go away quickly."

"We are deeply disappointed and saddened that criminals would attack our facilities during such a time, when we are all working tirelessly and collectively to fight the Covid-19 pandemic," acting Life Healthcare CEO Pieter van der Westhuizen said in a statement.

No hacking group has claimed responsibility for the Life attack and hacking forums have been "surprisingly quiet", says White, who is one of SA's best-known "white hat hackers" - security experts who are employed by companies to test their networks. 

Hospitals across the world were the target of a wave of ransomware attacks in 2019, and international agencies are expecting the attacks to get worse this year as hospitals battle the Covid-19 virus.

International police organisation, Interpol, issued a statement in April warning governments and hospitals that attacks are escalating.

The organisation "has detected a significant increase in the number of attempted ransomware attacks against key organisations and infrastructure engaged in the virus response".

In May, the Cyberpeace Institute, a global organisation which has a mission to prevent the internet from becoming "weaponised", issued a plea to governments to protect healthcare institutions from cyber attacks. Among the signatories were eight Nobel laureates, including Archbishop Emeritus Desmond Tutu.

There have been a number of recent high-profile cyber-attacks on South African companies.

READ | Hackers on the dark web love South Africa - here's why we suffer 577 attacks per hour

In 2018, hackers seized data from the insurance company Liberty Holdings, demanding money for the return of the information.

Last year, a ransomware attack paralysed Johannesburg agency City Power’s systemswhile the City of Johannesburg itself was hit by a group who called themselves the Shadow Kill Hackers demanding a ransom payment in bitcoin. Shortly thereafter, hackers launched distributed denial of service (DDoS) attacks on the local banks, flooding them with fake traffic. The criminals also demanded a ransom.

Receive a daily update on your cellphone with all our latest news: click here.

Get the best of our site emailed to you daily: click here.

Also from Business Insider South Africa: