1.9bn to help combat cyber breaches at hospitals

© Post Publishing PCL

Saraburi Hospital executives hold a media conference about the ransomware attack on the hospital computer system. (Capture from TV Channel 3)

The Public Health Ministry is planning to spend 1.9 billion baht to install a safeguard system at state-run hospitals nationwide following a ransomware attack at the Saraburi Hospital.

Sathit Pitutecha, Deputy Minister of Public Health, on Thursday said the Digital Economy and Society (DE) Ministry is working to break the lock in the hospital computer system caused by the cyber attack.

The ransomware was detected after it entered the system on Sept 5 at 5.31am. The attacker demanded a ransom of 63 billion baht in Bitcoin to be paid in exchange for unlocking the system.

DE Minister Buddhipongse Punnakanta on Thursday confirmed that demand was made. However, Sura Wisetsak, inspector-general for public health, insisted no money will be paid as the authorities are confident efforts to release the lock will be successful.

For long-term security and the prevention of future breaches, Mr Sathit said a budget of 1.9 billion baht will be set aside to install a security system capable of protecting data stored in hospitals run by the Public Health Ministry nationwide.

The installation process is expected to take one to two years, according to the deputy minister.

Mr Buddhipongse, meanwhile, said four years’ worth of patient records are affected by the Saraburi Hospital cyber attack.

Experts from the Electronic Transactions Development Agency (ETDA) arrived at the Saraburi Hospital to retrieve any data they can salvage while they figure out a way to restore the computer system.

On Wednesday, the hospital said it has asked patients to bring essential documents with them when attending a doctor’s appointment as the data problem will take time to fix.

The Public Health Ministry advised hospitals nationwide to update their computer operating system and data protection software.

Mr Buddhipongse noted ransomware attacks do not usually strike hospitals or facilities working for the good of the public until now.

Also, Pol Maj Gen Panthana Nuchanart, head of the Anti-Fake News Centre, on Thursday said he has been assigned by the Royal Thai Police to work with the DE Ministry, the computer crime police and the Air Force’s software computer centre to get to the bottom of the ransomware incident.

The experts said evidence suggests the hackers were based in Europe. No Thais were involved in ransomware attacks in the past, Pol Maj Gen Panthana said, adding the authorities need to acquire security programmes to prevent and combat cyber attacks.