Swedish Public Health Agency Forced to Shut Down SmiNet
A Swedish disease surveillance database has been shut down by the Swedish Public Health Agency after multiple cyberattack attempts were detected. While it is not certain who the attackers are, an investigation is underway to determine whether the system has been affected and if so who is responsible.
The Significance of the SmiNet Shutdown
The breach attempts were discovered last Wednesday at 4PM, making the database unavailable to the general public as the agency began their investigations. SmiNet has been in use increasingly for tracking COVID-19 data, and the shutdown has not gone unnoticed. The Swedish Public Health Agency (Folkhälsomyndigheten) announced that COVID-19 statistics would be made next available this Thursday after a full investigation has been issued and reports can be filed.
SEE ASO COVID Vaccine Cold Chain Targeted By Spear Phishing
This incident is falling in line with attacks on multiple European medical companies during the COVID-19 pandemic. In January, the European Medicines Agency was the target of an attack that resulted in COVID-19 related files being uploaded to the Darkweb. Files containing data related to the efficacy, storage, and test results for several of the Covid-19 vaccines that the EMA was interested in were discovered on Russian speaking forums soon after the attack.
Last month, Ireland’s healthcare system was the victim of a crippling ransomware attack that impacted all HSE’s national and local IT systems. The system was forced to shut down to keep patients personal information safe, keeping with recommended protocols, and we noticed a pattern of major companies discontinuing operations in light of an attack.
In May, a major mental healthcare network in Finland faced a ransomware attack that compromised the private information of a substantial portion of Finland’s population. The Vastaamo attack resulted in the release of patient names, addresses, phone numbers, and psychotherapy session notes and eventually the mental health startup was forced to completely close up shop.
A Close Call is Still Too Close
While the attack attempts on SmiNet are not confirmed to have resulted in any effect on the system, a thorough investigation is still very important, and Folkhälsomyndigheten is making sure that their citizens’ data is safe. However, one might be able to call this a lucky instance, as cyberattackers have taken every new opportunity in the past year to monetize on the state of the world. Knowing that the panic surrounding a new virus would cause a rush to keep an eye on vaccination rollouts and statistics and that new systems would likely be vulnerable and understaffed, hacker groups have attacked multiple COVID-19 related targets both with ransomware and malware designed to steal data files to sell.
Now, more than ever, it is paramount that cybersecurity laws and guidelines are followed by companies handling sensitive information or providing key services. Insurance companies and pipelines alike have been targets of massive attacks that resulted in the shutting down of companies, identity theft of clients and patients, as well as large sums of cryptocurrency paid in ransom.
What Can We Do on Our Own?
We must protect ourselves at all times as individuals living in a digital age. Anything from secure passwords to router positioning can add an extra layer of protection against malicious parties.
Read more on some of our tips and guidelines for online safety: