Japanese hospitals increasingly at risk of cyberattacks

By Mikoto Hata / Yomiuri Shimbun Staff Writer

12:31 JST, September 26, 2021

Hospitals in Japan have been the target of cyber-attacks.

The attacks have kept them from accessing patients’ medical charts or forced them to stop providing medical treatment. The rapid promotion of networking in hospitals has heightened their vulnerability, and delays in responding to the attacks are also seen as worsening the damage.

On May 31, a warning message suddenly appeared on computers at Higashiosaka City Medical Center in Higashi-Osaka, Osaka Prefecture. Written in English, it said that the hospital’s files had been encrypted, and told the hospital to access a certain site if it wanted the files to be decrypted.

As a result of the attack, doctors were unable to access images taken by computed tomography (CT) devices, X-ray machines, endoscopes and other medical equipment. Nor could they save newly taken images. The hospital had to stop accepting outpatients and could not treat some people who made appointments for two days.

The hospital had been struck by a type of malware called ransomware that uses encryption to lock up the victim’s computer system. Such attackers demand that ransom is paid to restore access.

The hospital’s image server was infected via the internet, and a large number of diagnostic images were encrypted. The city’s core hospital, which treats COVID-19 patients, refused to comply with the attacker’s demand, and it has been unable to access tens of thousands of images even after the system became available.

“We were naive about cyber-attacks,” the hospital’s deputy director general said. “We will take thorough security measures.”

Cyber-attacks on medical institutions came to light around 2018. In October of that year, a municipal hospital in Uda, Nara Prefecture, was infected with ransomware that kept the hospital from accessing the medical charts of more than 1,000 patients.

And at the end of last year, Fukushima Medical University Hospital announced that its CT system had a temporary glitch.

Ransomware attacks on infrastructure have become rampant around the world in recent years. In May, a U.S. oil pipeline shut down for five days due to such an attack, causing a gasoline shortage. At some overseas medical institutions, systems have been completely shut down, forcing patients to postpone surgeries or be transferred to other hospitals. That type of attack seems to now have spread to medical institutions in Japan.

In 2005, the Health, Labor and Welfare Ministry drew up guidelines on cybersecurity for medical institutions and urged them to devise countermeasures.