While France is shaken by a controversy around the Health Data Hub, this future health data platform entrusted to Microsoft Azure, the American specialist in the detection of cyberattacks Vectra has just published, on June 30, an alert report on a hasty migration of this sensitive data to the cloud.
Called Spotlight, it is the result of an observation of the behavior of 31 healthcare establishments in Europe and the United States, welcoming between 5,000 and more than 25,000 patients and equipped with Vectra’s cyber detection solution. He points to the fact that healthcare providers have been the quickest to transfer a large part of their data to cloud services “to strengthen their operational capacities”, specifies Chris Morales, head of security analyzes at Vectra. ” At the National Health Services, the British health service, they told us that they had migrated more data in 3 weeks than in 3 years previously “, Says Grégory Cardiet, pre-sales director at Vectra, when asked by Industry & Technologies.
Remote data access by malicious people increased by 38%
But this migration sometimes increases the risks, ” especially when it is too fast for information security staff to have time to prepare properly “Warns Chris Morales in the report. ” The number of attacks on our customers has increased significantly since the arrival of the Covid-19, such an increase in such a short time has never been seen before Adds Grégory Cardiet.
Between January and May 2020, remote access by cyber attackers to data stored internally by the establishments observed increased by 38% compared to a classic five-month period before the Covid-19 pandemic, the report says. . ” Some companies have granted their employees remote access that is not always secure or controlled, sometimes even on private computers “Said Grégory Cardiet.
Targeted ransomware, public enemies # 1
At the same time, data exfiltration, the transfer of information such as patient medical records from the internal networks of health establishments to external destinations by malicious individuals, has doubled in Europe, Africa and the Middle East . In particular, Vectra has noticed a sharp increase in smash-and-grab behavior, which corresponds to the instantaneous sending of a large amount of a priori stolen data to a site hosted in the cloud.
These data thefts are ” almost exclusively “Made for the purpose of then injecting the payload of targeted ransomware to demand a ransom from the attacked establishment, Grégory Cardiet continues.
To minimize this type of attack, it is not a question of saying no to the cloud, according to the specialist, who also regrets that France has ” 4 years behind the United States and even the United Kingdom On migration to the cloud. ” The problem does not come from the cloud but from the lack of control of the security specialists of these establishments on the data once migrated. A brake that a handful of European cloud service providers are seeking to resolve with the future GAIA-X multi-cloud platform.