Experts point out that the sector is one of the most targeted by cybercriminals, second only to the financial area
The new cyber attack to the systems of Fleurywhich left the group’s platforms unavailable from last Friday 5 until the morning of this Monday 8, re-launched the alert for the security of online services and integrated databases, especially in the health sector.
The company, which was the target of a hacker invasion two years ago, it said in a statement that it had “substantially invested in its technology facility,” which may have prevented the leakage of data on registered clients and patients. Experts say these scams have spread around the world, but explain that “major damage” can be avoided if the right steps are taken.
To the StadiumFleury said no tests were lost, but didn’t comment on whether or not patient information was leaked during the invasion. “The Group informs that the database is intact and that a forensic investigation has been launched to determine the impacts of this incident,” the company said in a statement.
In the morning, José Antonio de Almeida Filippo, executive director of Finance and Investor Relations, also said that the group “continues to investigate and evaluate the circumstances of the attack and determine the extent of the incident” and that it is taking the necessary measures to “limit the damage caused and restore the full functioning of the technological environment”.
The healthcare sector ranks just below financial sector firms as one of the niches targeted by hacker attacks in recent years. The value is in patient data, ranging from payment information to insurer relationships. “They concern other data of interest that go beyond the simple medical record,” explains José Leal Jr., country manager of Veeam, a company that deals with data protection solutions in Brazil.
Veem conducts an annual cybersecurity data survey with more than 4,000 responses from business leaders in Asia, Europe, North and South America. In 2021, 70% of them said they had experienced some external invasion of the system. The number rose to 85% last year. “We joke that we can divide ourselves into those who have been attacked and those who will still be attacked.”
“When there is a cyber attack, as a rule, there is a purpose. From what has been said so far, this purpose has not been shown,” explains Marcos Barreto, professor at Fundação Vanzolini with experience in cybersecurity, General Data Protection Law (LGPD ) and automation, optimization and software engineering. “In a company like Fleury, all the kids on the other side, like hospitals, can be a source of access that’s causing the problem,” he says.
According to Barreto, there are three most common types of cyberattacks: data hijacking, where a ransom is charged for releasing information to the original owner; the threat of data disclosure, no ransom charges; and denial of services, when the goal is to prevent a service from functioning and is usually done against public entities.
“The fun for the hacker is not letting the victim react. The normal case is, within minutes, you have the database completely overrun and encrypted by the attacker,” he explains. “It’s a time when nobody can fight back, only if you already have a system prepared for the specific attack.”
In a statement, Fleury said the investment made in IT and digital reached BRL 294 million between 2018 and last year. You also specified that, since Friday, you have chosen to “activate a new storage environment with the aim of ensuring the safe recovery” of the plants.
Daniel Barbosa, an information security specialist at ESET, a company that specializes in information security, says that “major damage” can be avoided even after the database has been invaded.
“The attack has a series of steps or objectives to be followed to compromise an environment. It may be that the infiltrator has reached a certain point and, trying to extort information by force or by forging a credential, has not succeeded” , he says.
Explain that to contain the damage, agility in recognizing the invasion is vital. This can happen when the service is overloaded with too much extracted information or by changing some operational parameters. “The internal security or technology team may initially recognize this as a system failure. Only later, with the overload investigation, may they have identified an external intrusion.”
José Leal Jr. explains that there are some basic steps to ensure data security in companies: “Our recommendation is that the protection system is composed of several elements. One of them is to make the backups (backup copies) in a structured way, with three different copies, stored on two different media, for example on the server and in the cloud; one of them must be immutableso that the hacker cannot modify it, e disconnectedNo internet connection”.
“It’s important to have an automated process for recovering data. Any business has client updates every second or minute, so they have to decide how often to back up and how long the process takes,” says Leal Jr. “This could jeopardize the continuity of the company”.
Source: Terra
Ben Stock is a lifestyle journalist and author at Gossipify. He writes about topics such as health, wellness, travel, food and home decor. He provides practical advice and inspiration to improve well-being, keeps readers up to date with latest lifestyle news and trends, known for his engaging writing style, in-depth analysis and unique perspectives.
