Alliance Healthcare, a pharmaceutical distributor in Spain, suffered a cyberattack on March 17 that forced the complete shutdown of its website, billing systems, and ordering processes.
Although the recovery team is working quickly to remediate the issue, the outages have led to supply delays that are impacting pharmacies in the Catalonia region. However, officials say there have been limited patient impacts, as other companies have been able to supply the necessary orders.
This attack comes less than three weeks after the RansomHouse incident against the Hospital Clinic of Barcelona, which is still operating under network downtime procedures.
Western Europe has seen a spate of attacks against its health sector this year, with CHC Montlégia in Liège still working to get back online four months after a cyberattack.
US healthcare entities should view these attacks as a warning shot and ensure they have fully prepared an incident response plan to prevent long-term downtime procedures in the event of a cyberattack.
As seen in the post-mortem report on the cyberattack and outage at New Zealand Waikato District Health Board, effective responses are directly tied to practicing business continuity plans. Mitre recommends identifying the systems needed to maintain patient care and tying it to well-practiced response plans.
