The Clínic hospital is recovering very slowly from the cyber attack received on Sunday, which affects its computer systems and is associated with a data hijacking. Although some assistance activities have been reestablished in a very incipient way, the center continues to function in the old way.
With the computers disabled, the health workers have recovered the forms and pens to write down the data of the patients or their mediations, as if they had gone back three decades in time, explain a testimony.
The information systems management of the center is working on the recovery of the servers. Through access to the consultative SAP (the specialist consultation management software) the census of patients in the emergency room has been updated and the hospital's global census will soon be updated, according to sources from the establishment.
As usual, recovery from the ransomware attack, attributed to the RansomHouse group, is laborious and slow, and all servers must be checked to ensure that no trace of the infection exists before the attack can be reactivated. As a sign of the precariousness of the situation, the web pages of the hospital and its satellites remain unusable.
The minimal technical improvements have made it possible to recover today a fraction of elective surgical activity, 10% of outpatient visits and extractions in hospitalized patients, recording the data by hand. Unlike Monday, only patients previously notified by the hospital by telephone have shown up.
This is better than the nothing registered on Monday, when all surgical activity was suspended (some 150 interventions, according to estimates by the medical director, Antoni Castells), all specialist consultations (between 2,000 and 3,000 visits) and extractions (between 300 and 400). But it is very far from a normality to which the technicians cannot set a date.
The most striking image now is that of the toilets writing down with a pen the data of the 800 hospitalized patients, the medicines that must be administered, the movements of the hospital pharmacy... And that of the technicians working piecemeal in the repair of the effects of sabotage and the search for a security hole used by criminals in an attack described as "sophisticated and complex".
After a November attack on two Colombian subsidiaries of the Keralty water utility, RansomHouse coerced the company via Telegram and began divulging sensitive data. “They can go back to normal work in four hours and they know it, but they don't care about their customers,” the cybercriminals notified when demanding a ransom.
The company, with 25,000 employees and 5.5 million clients/patients in Colombia, chose to repair the damage, a slow and expensive path. “Each step we are taking is being slow because it is with forensic and legal audit. If we restore the same thing that we had, we are still vulnerable. We are working on a new system,” explained a manager almost a month after the sabotage.
The Generalitat will not pay a ransom either, although at the moment there is no record that the criminals have made a request. "They have missed the target," said the spokesperson for the Government, Patrícia Plaja, at the end of the meeting of the Catalan Executive.
The Clínic maintains urgent and hospitalization activity, as well as the areas of home hospitalization, day hospital, radiology, endoscopic tests, radiological examinations and outpatient pharmacy. Oncological radiotherapy would remain affected.
