Israel hospital hacking disrupts services; Cyberattackers unknown

The attack has disabled the hospital's administrative computer systems, but has not impacted the operations of actual medical equipment.

A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. (photo credit: KACPER PEMPEL/ILLUSTRATION PHOTO/REUTERS)
A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017.
(photo credit: KACPER PEMPEL/ILLUSTRATION PHOTO/REUTERS)

Mayanei Hayeshua Medical Center in Bnei Brak was hacked overnight Monday, the Health Ministry and Israel National Cyber Directorate (INCD) announced Tuesday morning.

Sources have said that so far the INCD has not identified the cyberattackers, but in October 2021, hackers brought down Hadera’s Hillel Yaffe Medical Center’s computer systems in a cyberattack.

Although initially suspicions centered around Iran, especially because an Iran-affiliated group called Black Shadow carried out other major hacks against Israel during that time period, it was eventually concluded that the Hillel Yaffe hackers were affiliated with the criminal sector in China.

The attack on Mayanei Hayeshua has disabled the hospital’s computer systems in record keeping but has not impacted the operations of actual medical gear.

Due to the hack, the hospital is not accepting new patients to outpatient clinics and imaging centers at the hospital, and even patients who need to go to an emergency room are being urged to go to other nearby hospitals.

 View of Mayanei Hayeshua Medical Center in Bnei Brak, Israel, April 13, 2020 (credit: NATI SHOHAT/FLASH90)
View of Mayanei Hayeshua Medical Center in Bnei Brak, Israel, April 13, 2020 (credit: NATI SHOHAT/FLASH90)

At present, patients who were already being cared for in the hospital are still attended to and are not being transferred to other hospitals.

Hospitals suffer from gaps in cyberdefense

Regarding Hillel Yaffe, it was later determined that the INCD had warned the medical center of cyberdefense shortcomings and the hospital medical center had slowed addressing its vulnerabilities, leading to NIS 36 million in losses.

Cyber officials have told The Jerusalem Post that if the medical center had acted differently it might have avoided the hack, as several other medical centers who were attacked around the same time did, or at least its systems could have been restored within days instead of over the month it took.

It was unclear Tuesday morning whether the INCD’s response team working on Mayanei Hayeshua would be able to restore the systems faster and how well defended the medical center was.

Early Tuesday afternoon, the medical center updated that its center for receiving pregnant women is still operating normally, including instruments for monitoring the progress of the pregnancies.


Stay updated with the latest news!

Subscribe to The Jerusalem Post Newsletter


Many local authorities in Israel, outside of major ones like Tel Aviv, are poorly defended. Despite years in which medical centers across the globe have become targets of choice for hackers, many hospitals, especially smaller ones, still lag behind in cyberdefense, either because of a lack of understanding of the threat, funding, or both.

In May, State Comptroller Matanyahu Englman issued a report warning that Israeli hospitals were “significantly hacked” 13 times, with 10 of these hackings being “of the most severe level.”

The report said that the health sector lacks: sufficient segmentation of its different networked services; ongoing inspections of cybersecurity; probes into the different ways medical devices and facilities access the Internet, broad structural defenses  and failure to update security for content. The report cited a wide variety of machinery that are becoming more networked from MRI-related devices to CT scan devices to ultrasound devices.

The cost of fixing the deficiencies was estimated at an ongoing yearly cost of more than NIS 10 million for a facility referred to as “A” by the report.

The comptroller said that it was not only critical for medical centers to have initial cybersecurity defenses, but also to know how to mitigate losses even after a hacker might succeed at penetrating one or more systems before they can spread into other systems.

Moreover, the report recommended that the Health Ministry take a more active role in enforcing higher cybersecurity standards among different medical centers.

Former IDF Unit 8200 Col. (res.) and Team8 Chief Ideation Officer Bobby Gilburd warned that the attack could be another sign of the failures of Israel and others to prepare for artificial intelligence-based cyberattacks.

Gilburd noted that even criminal sectors, let alone unfriendly nation states, can use AI to generate incredibly realistic and truthful-sounding text and invoice messages to employees to get them to click on links that then break through an institution’s cybersecurity defenses.

He said that medical institutions and others need to significantly up their game both in terms of cyberdefenses that can cope with AI high-speed attacks and in training their employees to anticipate deep fake AI booby-trapped inquiries.

Israel is not alone in its medical centers being vulnerable to hacking. On August 4, it was announced that 16 hospitals and more than a hundred other medical facilities across the US went offline in the largest medical sector cyberattack of 2023.

The target of the hack was Prospect Medical Holdings, which owns both hospitals and over 165 outpatient facilities, in California, Connecticut, Pennsylvania, and Rhode Island.

Jerusalem Post Staff contributed to this report.