Hospitals are probably one of the most important critical infrastructures in any country, given all the essential tasks they carry out. This year, however, hospitals have become one of the protagonists of the works global crisis this century: The COVID-19 pandemic. While most people did everything they could to facilitate their vital labor—even changing how they worked to try to reduce the number of infections—there was one sector that strove to make life difficult for hospitals: Cybercriminals.
Microsoft’s security intelligence team detected multiple “manually operated” targeted ransomware attacks against hospitals that were activated in early April, the worst month of the crisis. Among the ransomware variants that chose the peak of the pandemic to attack hospitals are Netwalker and PonyFinal, thus hoping to earn as much as possible from their attacks.
Case study: Bethesda Children’s Hospital
Bethesda is the only church-financed children’s hospital in the Central European Region. Bethesda cares for young patients ranging from newborns to 18 years of age. The hospital is part of Budapest’s children emergency system, covering the north-eastern area, as well as other parts of Hungary.
Challenges before Panda
Given how valuable health data is on the black market and how vital healthcare systems are, the main concern was that the number of attacks would increase in the future. As well as ransomware and hacker attacks, the GDPR was a great challenge for the hospital in 2018. “It is not just about external dangers,” says Márton Fejes, CIO.
“If IT security is inadequate, if there is any human error like accidental mistakes by or bad faith of staff, data can be easily misplaced.”
From the point of view of the GDPR, the greatest challenge for the institution is to know about the incident and report it to the National Data Protection and Freedom of Information Authority (NAIH). Otherwise the head of the institution is considered personally responsible for the error, In this regard, having the right cybersecurity solution, password protection, and well managed user permissions, all play a central role.
Another major challenge for the hospital is to train doctors, nurses, and administrative staff in cybersecurity. All of these tasks must be addressed within the well-known scarce financial resources of the Hungarian healthcare system.
The solution
Bethesda was looking for an IT security system that provides perfect protection against unknown attacks without affecting the day-to-day work of end users. During its 30-day free trial, Panda Fusion 360 proved to work equally well in device management, filtering, and email protection. Among the thousands of emails arriving at the hospital every day, there are always some spam emails or viral messages that staff open by accident or out of curiosity. However, Panda Fusion 360 perfectly identified these threats.
Márton Fejes also stressed the tasks related to deployment and operation in the midst of a constant shortage of specialists as well as the Hungarian language product support as a key factor. Both the remote monitoring solution Panda Systems Management and Panda Adaptive Defense—both of which make up Panda Fusion 360—can be deployed quickly, are easy to implement on any system, and the solution’s operation doesn’t require any additional resources.
During the introductory period, Panda staff were swift to respond to all the questions that Bethesda had, and all problems were handled flexibly.
“The cooperation between Panda and the hospital has been excellent from the very first moment,” says the CIO, adding that the best security solutions are those that are invisible to the user. And that’s exactly what Panda’s solution is like: the hospital’s IT staff monitor and control Fusion 360 functions from a simple, transparent and centralized dashboard, while doctors and nurses use their computers just as they did before Panda Security’s solution was installed in 2018.
“In addition, the pricing of the security solution was also a key consideration for the hospital. Panda’s special offering to the medical institutions also met this expectation perfectly,”adds Márton Fejes.