The Ministry of Digital Affairs yesterday announced plans to improve cybersecurity resilience in Taiwan’s medical sector, following cyberattacks on at least two hospitals this year that were linked to a Chinese hacker.
“We are concerned that hospitals could be paralyzed by [ransomware] attacks, posing a major risk to Taiwan, while personal data could also be leaked,” Deputy Minister of Digital Affairs Lin Yi-jing (林宜敬) said.
The ministry has teamed up with the Ministry of Health and Welfare to improve cybersecurity at hospitals, which are considered critical infrastructure, Lin said.
Photo courtesy of the Ministry of Digital Affairs
Four measures — cyberdefense drills, talent development, institutional guidance and enhanced inspections — would be implemented to help hospitals defend against cyberattacks, Administration for Cyber Security director-general Tsai Fu-longe (蔡福隆) said.
One of the drills is scheduled for the end of this year, Tsai said.
Domestic and foreign white-hat hackers — experts who identify vulnerabilities in computer code and alert organizations to them — would be invited to take part in the exercise, which would focus on the medical sector, he said.
Eleven hospitals would team up in the drills to counter simulated attacks, with the aim to improve their ability to implement protective measures and file reports amid cyberattacks, he added.
“In the past, hospitals have sometimes handled such defense measures on their own, but the drills will foster closer cooperation between them and help enhance their technical capabilities,” he said.
Following a series of attacks by hackers named “CrazyHunter” earlier this year, the resilience of Taiwan’s medical sector has improved, said Lee Chien-chang (李建璋), head of health ministry’s Department of Information Management.
The “CrazyHunter” attack was a ransomware incident that crippled the computer systems of Mackay Memorial Hospital in February and Changhua Christian Hospital in March, both top-tier medical centers in Taiwan’s three-tier hospital classification system.
While no data were leaked in the Changhua Christian Hospital incident, patient information from the Taipei facility was put up for sale after the hospital refused to pay a ransom, a Criminal Investigation Bureau (CIB) probe showed.
Following the two cyberattacks, the health ministry in March issued guidelines for hospitals on how to respond to ransomware attacks, Lee said.
“The response guidelines are almost unheard of in other countries,” he said.
With the guidelines, cybersecurity staff know what to do after an incident, including what actions to take within 24, 48 and 72 hours — starting with containing the damage, identifying the malware and quickly restoring systems, he said.
All medical facilities in Taiwan have installed Endpoint Detection and Response, a cybersecurity tool that most did not have before the incidents this year, but Mackay Memorial Hospital did, meaning some of its computers were not compromised, Lee said.
In April, the CIB said that “CrazyHunter” is the alias of a 20-year-old employee of a cybersecurity company in China’s Zhejiang Province surnamed Lo (羅).
Asked whether Lo’s cybercrimes were supported by Chinese authorities, Lee said: “We cannot speculate, but it is clear that there was a specific commercial ransom issued.”
Asked whether Taiwan’s medical sector is prepared to withstand a hacking incident backed by Chinese authorities, Lee said that the government would never assume “that defenses are impenetrable and that incidents will not happen.”
The focus is on building resilience so that if systems are breached, operations could be restored immediately, he said.
“This is what we are working on now,” he added.
The military has spotted two Chinese warships operating in waters near Penghu County in the Taiwan Strait and sent its own naval and air forces to monitor the vessels, the Ministry of National Defense (MND) said. Beijing sends warships and warplanes into the waters and skies around Taiwan on an almost daily basis, drawing condemnation from Taipei. While the ministry offers daily updates on the locations of Chinese military aircraft, it only rarely gives details of where Chinese warships are operating, generally only when it detects aircraft carriers, as happened last week. A Chinese destroyer and a frigate entered waters to the southwest
A magnitude 6.1 earthquake struck off the coast of Yilan County at 8:39pm tonight, the Central Weather Administration (CWA) said, with no immediate reports of damage or injuries. The epicenter was 38.7km east-northeast of Yilan County Hall at a focal depth of 98.3km, the CWA’s Seismological Center said. The quake’s maximum intensity, which gauges the actual physical effect of a seismic event, was a level 4 on Taiwan’s 7-tier intensity scale, the center said. That intensity level was recorded in Yilan County’s Nanao Township (南澳), Hsinchu County’s Guansi Township (關西), Nantou County’s Hehuanshan (合歡山) and Hualien County’s Yanliao (鹽寮). An intensity of 3 was
Japanese Prime Minister Sanae Takaichi’s comment last year on Tokyo’s potential reaction to a Taiwan-China conflict has forced Beijing to rewrite its invasion plans, a retired Japanese general said. Takaichi told the Diet on Nov. 7 last year that a Chinese naval blockade or military attack on Taiwan could constitute a “survival-threatening situation” for Japan, potentially allowing Tokyo to exercise its right to collective self-defense. Former Japan Ground Self-Defense Force general Kiyofumi Ogawa said in a recent speech that the remark has been interpreted as meaning Japan could intervene in the early stages of a Taiwan Strait conflict, undermining China’s previous assumptions
Taiwan Railways Corp (TRC) today announced that Shin Kong Mitsukoshi has been selected as the preferred bidder to operate the Taipei Railway Station shopping mall, replacing the current operator, Breeze Development Co Ltd. Among eight qualified firms that delivered presentations and were evaluated by a review committee, Shin Kong Mitsukoshi was ranked first, while Breeze was named the runner-up, the rail company said in a statement. Contract negotiations are to proceed in accordance with regulations, it said, adding that if negotiations with the top bidder fail, it could invite the second-ranked applicant to enter talks. Breeze in a statement today expressed doubts over
RSS