On Monday, PST presented its fresh threat assessment for Norway. Among other things, there is mention of the threat of hacking, not only by state actors, but so-called hacktivists, write The online newspaper.
“There are also cases where intelligence services and criminal actors have worked together on cases concerning ransom viruses, and cases where the intelligence services’ own digital threat actors have criminality for profit as their target.”
Now it turns out that several small doctor’s and dentist’s offices in Norway have been exposed to hacker attacks in the past year, involving ransom viruses
– It can be critical for the patients, who lose their GP records until the doctor is back on the system. Then there is no GP record information available and it can also create difficulties in getting in touch with the doctor’s office, says Marte Kvittum Tangen, head of the Norwegian Association for General Medicine.
She does not have any figures on the extent, but knows of offices that have had to remain closed for several days, because the systems have been hacked so that they do not work, so-called denial of service attacks.
– This often applies to independent offices that have not paid attention to IT security, Tangen tells Nettavisen.
It was Today’s Medicine who first mentioned the matter.
Several defied the expert’s advice
Those who hack smaller doctor’s and GP’s offices are usually looking for ransom money. Tangen says that it is not about leaked personal data, but about locking the doctors out of their systems, until they pay.
Vidar Sandland, technical director at Eidsiva security services, has clear advice for businesses:
– Never pay. It is unlikely that you will get your files back, and if you have shown a willingness to pay, you are more often exposed to more hacker attacks because you have shown that you want to pay.
Tangen states that not everyone has taken this advice to heart.
– Some offices know we have paid these ransoms. It is very unwise, because then you show a willingness to pay and there will soon be demands for more, which I also think has happened, says Tangen.
She has no knowledge of the size of the amounts paid out. They are now working to further secure the computer systems of small, independent offices.
– We support the tool, which was prepared very quickly, when we received examples of smaller doctor’s offices that had been exposed to this. Trinvis has developed a simple system that all doctor’s offices and dental clinics can use now to increase safety and many have already done so, she says.
Clear appeal to people
Sandland explains that ransomware attacks are only becoming more and more common against businesses.
– All businesses should prepare to be exposed to ransomware viruses. Businesses report weekly that they cannot access their data. You must have good routines for backups, so you can easily access the files if you are hacked, says Sandland.
Ransomware viruses are not as common for private individuals, but they can still occur.
– It has become more and more difficult to detect such fraud, but the alarm lights should light up when they ask you to install something, he states.