Medizinonline Medizinonline
  • News
    • News
    • Market & Medicine
  • Patients
    • Disease patterns
    • Diagnostics
    • Therapy
  • Partner Content
    • Dermatology
      • Atopic dermatitis and psoriasis news
      • Dermatology News
    • Diabetes
      • Dia-Month Club – Type 2 Diabetes
      • Diabetes in Motion
      • Diabetes Podcasts
    • Gastroenterology
      • IBD matters
      • Forum Gastroenterology
      • Ozanimod: ulcerative colitis
      • Reflux Update
    • Immunology
      • Primary immunodeficiency – exchange of experience
    • Vaccinate
      • Herpes zoster
    • Infektiologie
    • Neurology
      • EXPERT ULTRASONIC: Introduction to ultrasound-guided injection
      • MS News
      • MS Therapy in Transition
    • Oncology
      • Swiss Oncology in motion
    • Orthopedics
      • Osteoporosis in motion
    • Phytotherapie
    • Practice Management
      • Aargau Cantonal Bank
      • Claraspital
    • Psychiatry
      • Geriatric Psychiatry
    • Rheumatology
  • Departments
    • Allergology and clinical immunology
    • General Internal Medicine
    • Anesthesiology
    • Angiology
    • Surgery
    • Dermatology and venereology
    • Endocrinology and Diabetology
    • Nutrition
    • Gastroenterology and Hepatology
    • Genetics
    • Geriatrics
    • Gynecology
    • Hematology
    • Infectiology
    • Cardiology
    • Nephrology
    • Neurology
    • Emergency and intensive care medicine
    • Nuclear Medicine
    • Oncology
    • Ophthalmology
    • ORL
    • Orthopedics
    • Pediatrics
    • Pharmacology and toxicology
    • Pharmaceutical medicine
    • Phlebology
    • Physical medicine and rehabilitation
    • Pneumology
    • Prevention and health care
    • Psychiatry and psychotherapy
    • Radiology
    • Forensic Medicine
    • Rheumatology
    • Sports Medicine
    • Traumatology and trauma surgery
    • Tropical and travel medicine
    • Urology
    • Dentistry
  • CME & Congresses
    • CME continuing education
    • Congress Reports
    • Congress calendar
  • Practice
    • Noctimed
    • Practice Management
    • Jobs
    • Interviews
  • Log In
  • Register
  • My account
  • Contact
  • English
    • Deutsch
    • Français
    • Italiano
    • Português
    • Español
  • Publications
  • Contact
  • Deutsch
  • English
  • Français
  • Italiano
  • Português
  • Español
Subscribe
Medizinonline Medizinonline
Medizinonline Medizinonline
  • News
    • News
    • Market & Medicine
  • Patienten
    • Krankheitsbilder
    • Diagnostik
    • Therapie
  • Partner Content
    • Dermatology
      • Atopic dermatitis and psoriasis news
      • Dermatology News
    • Diabetes
      • Dia-Month Club – Type 2 Diabetes
      • Diabetes in Motion
      • Diabetes Podcasts
    • Gastroenterology
      • IBD matters
      • Forum Gastroenterology
      • Ozanimod: ulcerative colitis
      • Reflux Update
    • Immunology
      • Primary immunodeficiency – exchange of experience
    • Vaccinate
      • Herpes zoster
    • Infektiologie
    • Neurology
      • EXPERT ULTRASONIC: Introduction to ultrasound-guided injection
      • MS News
      • MS Therapy in Transition
    • Oncology
      • Swiss Oncology in motion
    • Orthopedics
      • Osteoporosis in motion
    • Phytotherapie
    • Practice Management
      • Aargau Cantonal Bank
      • Claraspital
    • Psychiatry
      • Geriatric Psychiatry
    • Rheumatology
  • Departments
    • Fachbereiche 1-13
      • Allergology and clinical immunology
      • General Internal Medicine
      • Anesthesiology
      • Angiology
      • Surgery
      • Dermatology and venereology
      • Endocrinology and Diabetology
      • Nutrition
      • Gastroenterology and Hepatology
      • Genetics
      • Geriatrics
      • Gynecology
      • Hematology
    • Fachbereiche 14-26
      • Infectiology
      • Cardiology
      • Nephrology
      • Neurology
      • Emergency and intensive care medicine
      • Nuclear Medicine
      • Oncology
      • Ophthalmology
      • ORL
      • Orthopedics
      • Pediatrics
      • Pharmacology and toxicology
      • Pharmaceutical medicine
    • Fachbereiche 26-38
      • Phlebology
      • Physical medicine and rehabilitation
      • Phytotherapy
      • Pneumology
      • Prevention and health care
      • Psychiatry and psychotherapy
      • Radiology
      • Forensic Medicine
      • Rheumatology
      • Sports Medicine
      • Traumatology and trauma surgery
      • Tropical and travel medicine
      • Urology
      • Dentistry
  • CME & Congresses
    • CME continuing education
    • Congress Reports
    • Congress calendar
  • Practice
    • Noctimed
    • Practice Management
    • Jobs
    • Interviews
Login

Sie haben noch keinen Account? Registrieren

  • Cyber attack on practice IT

Prepare for the worst case scenario

    • RX
    • General Internal Medicine
    • Practice Management
    • Prevention and health care
  • 4 minute read

To conclude our “Danger from the Internet” series, we look at how you should react when the child has already fallen into the well. In other words: What should a practice owner do if a hacker has been successful and has paralyzed the IT? Who should be informed, where can you get help and how should you deal with ransom demands?

It has happened: The abstract idea of being attacked by hackers has become real. When booting up the computer in the morning, access was no longer possible; instead, a message appeared stating that you could only regain control of your own data if you paid a six-figure sum. A ransomware attack had infiltrated and encrypted the practice’s IT. After the initial shock, it is important to react calmly and take some measures.

First of all, it is advisable to interrupt Internet connections (including email and VPN connections) and to disconnect existing backups – if these are directly connected to the attacked system – as quickly as possible. The attack should then be reported. The contact for this is the cantonal police. The responsible police station can be found via a portal. In the next step, the practice’s IT service provider can begin to analyze the damage, set up the affected systems again and restore data using the backups – after ensuring that they are intact and have not also been infiltrated. This is a task for specialists, which is why it is not advisable to initiate these steps yourself in a false sense of eagerness and the idea of wanting to return to normal operations as quickly as possible.

Anyone who decides to file a criminal complaint – which is recommended in any case – should refrain from rash action anyway, as a forensic investigation is hardly possible once the systems have been reinstalled.

There is currently no obligation in Switzerland to report cyber incidents to the Federal Office for Cybersecurity (BACS) as the Confederation’s competence center for cybersecurity (box). However, this will change in the first half of 2025 for critical infrastructures, including the healthcare sector, explains Pascal Lamia, Head of Operational Cybersecurity at the BACS. They will then be obliged to report cyber incidents. However, they will also receive support from the Federal Office if required.

Federal Office for Cyber Security
At the beginning of 2024, the National Center for Cyber Security became a federal office (Federal Office for Cyber Security, BACS). The BACS is the first point of contact for the economy, administration, educational institutions and the population for cyber issues. It is responsible for the coordinated implementation of the National Cyber Strategy (NCS).
The main task of the BACS is to make Switzerland more secure in cyberspace. The Federal Office receives reports of cyber incidents and supports operators of critical infrastructures in particular in dealing with them.

Ransom payments are not recommended

The BACS generally advises against complying with and paying ransom demands in order to prevent companies from co-financing the cybercriminals’ infrastructure and encouraging them to carry out further attacks, particularly on Swiss companies. Furthermore, there is no guarantee for the blackmailed victim that the data will not be published after the ransom has been paid.

Instead, the BACS recommends not contacting the perpetrators but discussing and coordinating further steps with the police. The recommendation to cooperate with the cantonal police also applies, especially if you decide to pay the ransom after all.

Another aspect is often misjudged: a collapsed daily practice routine due to non-functioning IT understandably leads to the urge to choose the supposedly quickest solution in order to return to normal processes. However, paying a ransom is only a quick solution at first glance: As a rule, the sum is demanded in the form of a cryptocurrency, for which hardly any doctors are likely to have an account. Setting this up at the bank already takes time. It is also wrong to assume that all systems are automatically up and running again once payment has been made by mouse click. Instead, the blackmailers – ideally – simply provide decryption software that you have to install and run yourself. This also takes time.
Either way, there is a risk of sensitive patient data being published by the blackmailers. You should be prepared for the worst-case scenario. Proactive communication is advisable, i.e. it is better to tell patients yourself what has happened than to let third parties find out. If blackmailers actually publish sensitive patient data, data security breaches (also known colloquially as “data breaches” or “data leaks”) must be reported to the Federal Data Protection Commissioner (FDPIC). A reporting form is available on the FDPIC’s website.

Whether you decide to pay a ransom or not, a cyberattack is always an exceptional situation for the affected practice and its employees. However, the risk can be reduced by taking preventive measures, and special cyber insurance policies can be taken out to protect against (financial) damage. And if you think about what-if situations in advance and know the right contacts, you can keep a cool head if the worst comes to the worst.

medizinonline series “Danger from the Internet“
The series “Danger from the Internet” presents in 3 parts the threats and possible consequences of as well as preventive measures against cyber attacks. In the first part the various forms and ways in which criminals can infiltrate a practice’s IT, as well as ways to protect against attacks.
In the second part an insurance expert explained why it makes sense to take out special cyber insurance in addition to the usual public liability insurance and explained which aspects are particularly important.

HAUSARZT PRAXIS 2024; 19(12): 48 (published on 12.12.24, ahead of print)
InFo ONCOLOGY & HEMATOLOGY 2025; 13(1): 39

Autoren
  • Jens Dehn
Publikation
  • HAUSARZT PRAXIS
  • InFo ONKOLOGIE & HÄMATOLOGIE
  • InFo DIABETOLOGIE & ENDOKRINOLOGIE
Related Topics
  • BACS
  • Cyber attack
  • Federal Office for Cyber Security
  • Internet
  • Practice IT
  • Ransom demands
  • Ransomware
Previous Article
  • Antibiotics

Population survey on resistance reveals gaps in knowledge

  • RX
  • General Internal Medicine
  • Infectiology
  • Practice Management
  • Prevention and health care
View Post
Next Article
  • From symptom to diagnosis

Abdominal pain – panniculitis

  • Cases
  • Education
  • Gastroenterology and Hepatology
  • General Internal Medicine
  • Radiology
  • Rheumatology
  • RX
  • Surgery
View Post
You May Also Like
View Post
  • 23 min
  • Important basics and studies on cancer and the psyche

Interplay between cancer and mental illness

    • CME continuing education
    • Oncology
    • Psychiatry and psychotherapy
    • RX
    • Studies
View Post
  • 12 min
  • Cancer prevention

Constant dripping – alcohol and cancer

    • CME continuing education
    • General Internal Medicine
    • Oncology
    • Pharmacology and toxicology
    • Prevention and health care
    • Psychiatry and psychotherapy
    • RX
    • Studies
View Post
  • 30 min
  • Chemsex - MSM, sex, chrystal meth & co.

Medical and psychosocial perspectives

    • CME continuing education
    • General Internal Medicine
    • Infectiology
    • Pharmacology and toxicology
    • Prevention and health care
    • Psychiatry and psychotherapy
    • RX
View Post
  • 13 min
  • Parkinson's disease

Individual therapy management for an optimized outcome – an update

    • CME continuing education
    • Neurology
    • RX
    • Studies
    • Training with partner
View Post
  • 4 min
  • Journal Club

Stargardt’s disease: groundbreaking gene therapy study gives hope

    • Education
    • General Internal Medicine
    • Genetics
    • Ophthalmology
    • RX
    • Studies
View Post
  • 4 min
  • Surgical interventions

What is necessary, what can be dispensed with?

    • Congress Reports
    • Gynecology
    • RX
    • Studies
    • Surgery
View Post
  • 6 min
  • Case study

Pemphigus – from diagnosis to therapy

    • Cases
    • Dermatology and venereology
    • Education
    • RX
    • Studies
View Post
  • 4 min
  • Efficacy, safety and practical application

Phytotherapeutic options for endometriosis

    • General Internal Medicine
    • Gynecology
    • Pharmaceutical medicine
    • Phytotherapy
    • RX
    • Studies
Top Partner Content
  • Forum Gastroenterology

    Zum Thema
  • Herpes zoster

    Zum Thema
  • Dermatology News

    Zum Thema
Top CME content
  • 1
    Interplay between cancer and mental illness
  • 2
    Constant dripping – alcohol and cancer
  • 3
    Medical and psychosocial perspectives
  • 4
    Individual therapy management for an optimized outcome – an update
  • 5
    Pathomechanisms, secondary prevention and treatment options

Newsletter

Sign up and stay up to date

Subscribe
Medizinonline
  • Contact
  • General terms and conditions
  • Imprint

Input your search keywords and press Enter.