Connect with us

Hi, what are you looking for?

Tech & Science

Barcelona’s main hospital struck by cyberattack

The cost of recovering from a breach is far more expensive than conducting proactive testing.

Hacks have increased through the pandemic and the war in Ukraine - © AFP/File Noel Celis
Hacks have increased through the pandemic and the war in Ukraine - © AFP/File Noel Celis

A ransomware attack has taken place on the city of Barcelona’s main hospital. The cybersecurity event has forced thousands of appointments to be cancelled and computers across the institutions’ numerous laboratories, clinics and emergency room to be shutdown.

Following the incident, 150 surgeries reportedly were cancelled, along with up to 3,000 appointments and 400 pieces of medical analysis.

Looking into the issue for Digital Journal is Stephan Chenette, Co-Founder and CTO at AttackIQ.

Chenette places the incident in the context of another attack upon the healthcare sector, where hackers are seeking to capture the rich stream of personal data, noting: “The healthcare industry is one of the largest targets for cyber-criminals due to protected health information (PHI) being extremely profitable on dark web marketplaces because it usually contains fixed information, such as dates of birth and Social Security Numbers, which hackers can use to commit identity theft for years to come.”

In terms of the consequence of the event, Chenette assesses that: “The Hospital Clinic de Barcelona is now forced to operate with reduced IT operations, causing the hospital to cancel thousands of patient appointments and forcing medical professionals to use pen and paper to communicate sensitive medical information.”

In terms of the wider significance, Chenette draws on the implications for all businesses: “This cyberattack serves as the latest reminder that organizations simply don’t exercise their defences enough, and healthcare organizations in particular should be evaluating their existing security controls to uncover gaps before an attacker finds them.”

Chenette thinks that too many organisations have not sufficiently updated their systems in preparation for the escalation of attacks: “We continue to see basic security protection failures resulting in data loss for companies both large and small. In February alone, Florida and Maryland hospitals suffered cyberattacks that limited IT operations.”

With the wider picture, Chenette adds: “This trend is disturbing as the cost of recovering from a breach is far more expensive than conducting proactive testing to validate that the security products and services you have already purchased and implemented are working correctly.”

In terms of remediation, Chenette says: “To best defend against ransomware attacks, it’s essential to understand the common tactics, techniques, and procedures the adversary uses. In doing so, organizations can build more resilient security detection, prevention and response programs mapped specifically to those known behaviors.”

He further recommends: “Organizations that manage sensitive health information must adopt a threat-informed cyber-defense strategy tailored to focus on the adversaries most likely to impact their operations to maximize their ability to protect sensitive information. This should include mapping their security controls to specific attack scenarios, aligned to the MITRE ATT&CK® framework, to measure an organization’s cybersecurity readiness for the attacks that are sure to come.” Chenette’s final advice is: “Companies should use automated solutions that safely validate their defensive controls against ransomware campaigns and their techniques to avoid falling victim.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


Garmi is a product of a new sector called geriatronics, which taps advanced technologies for geriatrics, gerontology and nursing - Copyright Sputnik/AFP/File Alexei DruzhininPauline...


Artificial intelligence, or AI, has been increasingly present in everyday life for decades, but the launch of the conversational robot ChatGPT marked a turning...


Active listening is a key factor in improving leadership effectiveness, which, in turn, improves employee productivity.

Tech & Science

If you want to make absolutely sure you don't get these calls, you have to look very closely at the companies you allow to...