Little by little, more details of the cyberattack against Barcelona's Hospital Clínic are becoming known. As reported by Sergi Marcén, Catalan secretary of Telecommunications and Digital Transformation, the pirate company behind the digital assault that has disrupted the major Barcelona centre's usual activity in recent days, has demanded 4.5 million dollars for the return the data that it has stolen through the cyber attack. The specific quantity of information adds up to 4 terabytes (that is, 4,000 gigabytes), although in the press conference the hospital authorities have acknowledged that, at this time, it is not known what kind of data has been compromised. However, they assert that the department's structural database, in which patients' shared clinical histories are located, has not been affected. They will only be able to know for sure what data is affected when the backup copies are restored.
Yesterday afternoon, the Ransom House cybercriminal group put its first ransom demand to the health centre management. As the hospital leaders have announced ever since the first press conference after the attack, and reiterated yesterday, the ransom will not be paid: "There will not be any kind of negotiation to pay even a cent", they said on Monday. For this reason, they recognize that there is a possibility that data will be leaked.
Medical teams have caught up with 90% of complex surgery
In this Friday's press conference, to update the information on the situation at the major Barcelona health facility, Sergi Marcén, secretary of Telecommunications and Digital Transformation, appeared again, along with Antoni Castells, medical director of the centre and Tomás Roy, director of the Cybersecurity Agency of Catalonia. They were joined by Ramon Chacón, head of the Mossos d'Esquadra police's general criminal investigation area.
As explained by Dr Castells, the Hospital Clínic's doctors are continuing to work using paper rather than digital media since the cyberattack, which adds extra difficulty to their daily work. Since Sunday, when the attack occurred, it has been possible to catch up on 90% of complex surgical activity, 40% of the less complex operations, 70% of outpatient consultations, as well as the 'stroke code' and 'heart attack code' activity, giving special attention to patients with these conditions. "With this recovery of our activity, the professionalism of this house's health team is beyond doubt", the doctor emphasized. Castells also calculated that by Monday, or at the latest Tuesday, access to the structural data will have been regained and it will be possible to work normally: "We hope that nothing goes wrong".
99.98% effectiveness in preventing cyberattacks
The authorities wanted to emphasize that despite the cyberattack it suffered on Sunday, the hospital was well prepared, "but in the face of massive attacks there is always a small possibility that this kind of thing will happen, as it ended up doing". In this regard, they reiterated that the Clínic is a centre with high capacities and effective measures, which although they did not avoid the cyberattack, are allowing them to recover quickly. Faced with the possibility that other Catalan centres may suffer a similar situation, they have recalled that there is 99.98% effectiveness when it comes to avoiding them - a figure that implies a very small but real possibility that it will happen again.