FEATURE : CYBERATTACK
Anatomy of the Western Cape Blood Service cyberattack right patient gets the right blood product at the right time and that the blood is safe .
Jacques Breslaw , Head of IT , Western Cape Blood Service , summarises the attack , partnership and support , and remediation that took place .
Support and partnership
At the time of the cyberattack , Dimension Data and the WCBS did not have a formal relationship with contracts in place . We had worked together in the past and Dimension Data had even donated some information security services to us . They seemed like the natural choice to reach out to for assistance in dealing with the crisis .
If you have not been through something before , you think you know what to do . But when you bring in Dimension Data , they have done it before . Their guidance and support helped us contain the attack and recover so much quicker .
Downtime and business impact
The cyberattack blocked access to the technology the organisation uses to safely get the right blood product to the right person at the right time . The cyberattack had blocked access to the environment by encrypting workstations and taking out servers .
The attack prevented the laboratories from doing automated , batch blood testing . While these tests can be done manually , the manual process causes significant delays . The attack also temporarily disrupted the systems that track blood from the volunteer donor ’ s vein to the patient ’ s vein .
Solutions for remediation
Dimension Data put a team together and started with cutting Internet access and isolating machines . The next steps were to contain the damage and recover the environment . In addition , we implemented CrowdStrike – a next-generation antivirus solution , which is an important part of maintaining and managing the environment .
CrowdStrike , on request from Dimension Data donated licenses to WCBS for a period of time to assist with the containment and recovery . This was followed by a forensic investigation to identify the full extent of the attack .
Forensics and recovery
Forensic investigations tracked exactly how the attack happened . This information can be used to prepare for , and hopefully prevent , future attacks .
While an attack like this is any company ’ s nightmare , in this instance it was a threat to lifesaving care for thousands of people . The WCBS is the only source of blood products in the region and issues about 7,000 units a month . Our technology ensures that the
Dimension Data and the WCBS worked together to investigate the attack and recover from it . The core systems that underpin our medical services were up and running again just 36 hours after the attack . the attack effectively blocked access to the organisation ’ s technology infrastructure and disrupted its core operations . restored and operational within a short span of just 36 hours following the cyberattack . p
The cyberattack had a detrimental effect on WCBS ’ s service laboratories , rendering them unable to perform automated batch blood testing . While manual testing could be done as an alternative , it introduced significant delays in the process . Additionally , the attack temporarily disrupted the systems responsible for tracking blood from the veins of volunteer donors to the veins of patients , further impacting the efficiency and accuracy of the blood supply chain .
Dimension Data and WCBS collaborated closely throughout the investigation process and jointly worked towards recovering from the attack . The core systems crucial to WCBS ’ s medical services were successfully
WCBS HOLDS A UNIQUE POSITION AS THE SOLE
PROVIDER OF BLOOD PRODUCTS IN THE
REGION , SUPPLYING APPROXIMATELY 7,000
UNITS PER MONTH .
www . intelligentcio . com INTELLIGENTCIO AFRICA 37