2 Oct 2019
Geelong Advertiser, Geelong
By Chanel Zagon and Tamara McDonald
BARWON HEALTH CYBER ATTACK
Sophisticated ransomware raid hits Geelong and Colac hospitals Surgeries, appointments cancelled Staff locked out of computers BARWON Health has been hit by a cyber attack, forcing surgeries and appointments to be called off and stranding staff without access to technology.
The sophisticated ransomware raid blocked access to information technology systems at regional public health services including Barwon Health, Colac Area Health and South West Healthcare Warrnambool, as well as several services in Gippsland. Geelong hospital staff were left without access to computers and were forced to resort to paperwork to continue patient care.
Cyber security attack cancels surgeries
BARWON Health has been hit by a cyber security attack, forcing some surgeries and appointments to be called off and denying staff access to technology. The ransomware attack blocked access to health information technology systems of regional public health services, including Barwon Health, Colac Area Health and South West Healthcare Warrnambool as well as several services in Gippsland. University Hospital Geelong staff were left without access to computers and were forced to resort to paperwork to continue patient care. Barwon Health admitted the attack forced some elective surgery and appointments to be rescheduled, as it investigated its cause. Australian Patients Association general manager Jas Streten said the fact attacks still happened showed disregard for patients, while turning to paper systems put health workers under pressure.
Geelong hospital patients took to social media to report chaotic scenes as staff struggled without computers. Staff received a text message on Monday night alerting them to the security breach. It is believed Barwon Health issued a code yellow, with staff unable to access medical archives and emails. Ransomware blocks access to computer systems until a ransom is paid. An investigation involving the State Government, Victoria Police, the Australian Cyber Security Centre and affected health services is under way.
David Cullen, head of the Government’s cyber incident response service, said the details of the ransomware had not been confirmed. “We will not pay cyber criminals in response to these cyber attacks,” Mr Cullen said.
“These are cyber criminals who are very dedicated at what they do, they are very well resourced, very well researched and they have taken the time to investigate our systems, which has, unfortunately on this occasion, allowed them to break in.”
According to the Government, some patient records, booking and management systems had to be shut down in a bit to quarantine the infection.
“At this time, there is no suggestion that personal patient information has been accessed,” a statement said.
“The affected hospitals are now working on their bookings and scheduling to minimise impact on patients.”
An Auditor-General’s report in May uncovered cyber security flaws in Victorian health services.
Opposition health spokeswoman Georgie Crozier said the attacks could have been prevented. At deadline last night it was not yet known when the threat would be removed, or when computer systems will return to operate as normal. Epworth Geelong and St John of God Health Care Geelong confirmed they had not been affected by the threat.