Cyberattack on the National Health Laboratory Service of South Africa – implications, response and recommendations
DOI:
https://doi.org/10.7196/SAMJ.2024.v114i12.2549Keywords:
Cyberattack, NHLS, medical laboratoryAbstract
Cybersecurity is now an integral consideration in the management of healthcare institutions in this modern technological era. Cyberattacks primarily targeting healthcare institutions have increased exponentially. Recently, the information technology systems of the National Health Laboratory Service (NHLS) of South Africa (SA) were targeted by cyberterrorists using disruptive ransomware. As a result, all files on the affected computers and servers became inaccessible, thus affecting all NHLS operations. We share our experience of this cyberattack from the department of haematological pathology at Tygerberg Hospital, Cape Town, SA. We outline the negative impact on the NHLS and the immediate response, and make future recommendations, including a draft of a business continuity plan.
References
1. Lippi G, Ferrar A. Lessons learnt in medical laboratories during a disruptive cyber-attack. J Lab Precis Med 2024;23(84):1-4. https://doi.org/10.21037/jl
2. Lippi G, Akhvlediani S, Cadamuro J, et al. EFLM Task Force Preparation of Labs for Emergencies (TF-PLE) recommendations for reinforcing cyber-security and managing cyber-attacks in medical laboratories. Clin Chem Lab Med 2024;8(3):1-8. https://doi.org/10.1515/cclm-2024-0803
3. National Department of Health, South Africa. National Health Laboratory Service Annual Report 2022 - 2023. https://nationalgovernment.co.za/entity_annual/3326/2023-national-health-laboratory- service-(nhls)-annual-report.pdf (accessed 10 July 2024).
4. SentinelOne. BlackSuit ransomware: In-depth analysis, detection, and mitigation. Mountain View: SentinelOne, 2024. https://www.sentinelone.com/anthology/blacksuit/ (accessed 1 August 2024).
5. O’Brien N, Ghafur S, Sivaramakrishnan A, Durkin M. Cyber-attacks are a permanent and substantial threat to health systems: Education must reflect that. Digit Health 2022;8(1):1-3. https://doi. org/10.1177/20552076221104665
6. Bateman C. How the NHLS computer hack will cost lives. Johannesburg, SA: Health-e News, 2024. https://health-e.org.za/2024/07/01/how-the-nhls-computer-hack-will-cost-lives/ (accessed 1 August 2024).
7. South Africa Government News Agency. NHLS apologises for blood result delays. SA News, 2024. https://www.sanews.gov.za/south-africa/nhls-apologises-blood-result-delays (accessed 1 August 2024).
8. McCain N. National health lab estimates systems will only be online by mid-July after cyber attack. News24, 2024. https://www.news24.com/news24/southafrica/news/national-health-lab-estimates- systems-will-only-be-online-by-mid-july-after-cyber-attack-20240704 (accessed 1 August 2024).
9. Francke RL. NHLS ransomware attack endangered safety and wellbeing of millions of public health patients. IOL News, 2024. https://www.iol.co.za/news/crime-and-courts/nhls-ransomware-attack- endangered-safety-and-wellbeing-of-millions-of-public-health-patients-b77b355d-6904-4d70-a13d- e27033e3742b (accessed 1 August 2024).
10. Kahn T. NHLS still not fully operational after cyberattack. BusinessDay, 2024. https://www. businesslive.co.za/bd/national/health/2024-07-16-nhls-still-not-fully-operational-after-cyberattack/ (accessed 1 August 2024).
11. South Africa. Protection of Personal Information Act No. 4 of 2013. Government Gazette No. 37067:912. 2013. https://www.gov.za/sites/default/files/gcis_document/201409/3706726-11act4of201 3protectionofpersonalinforcorrect.pdf (accessed 7 July 2024).
12. Fani SV, Subriadi AP. Business continuity plan: Examining of multi-usable framework. Procedia Comput Sci 2019;161(1):275-282. https://doi.org/10.1016/j.procs.2019.11.124
13. Patel AU, Williams CL, Hart SN, et al. Cybersecurity and information assurance for the clinical laboratory. J Appl Lab Med 2023;8(1):145-161. https://doi.org/10.1093/jalm/jfac119
Downloads
Published
Issue
Section
License
Copyright (c) 2024 S Cassim, Z C Chapanduka
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Licensing Information
The SAMJ is published under an Attribution-Non Commercial International Creative Commons Attribution (CC-BY-NC 4.0) License. Under this license, authors agree to make articles available to users, without permission or fees, for any lawful, non-commercial purpose. Users may read, copy, or re-use published content as long as the author and original place of publication are properly cited.
Exceptions to this license model is allowed for UKRI and research funded by organisations requiring that research be published open-access without embargo, under a CC-BY licence. As per the journals archiving policy, authors are permitted to self-archive the author-accepted manuscript (AAM) in a repository.
Publishing Rights
Authors grant the Publisher the exclusive right to publish, display, reproduce and/or distribute the Work in print and electronic format and in any medium known or hereafter developed, including for commercial use. The Author also agrees that the Publisher may retain in print or electronic format more than one copy of the Work for the purpose of preservation, security and back-up.
