Cyber Incident Victim: Salud Total EPS
Date:
May 2022
Location:
Colombia
Summary
A healthcare provider experienced an external cyberattack causing partial operational information unavailability, prompting the organization to disable affected IT services and sever physical and virtual server connections to safeguard data integrity. Contingency measures included deploying 24/7 support lines, extending in-person service hours at health centers, and maintaining uninterrupted medical care, medication distribution, and laboratory services through its provider network. Virtual channels such as online offices, home assistance platforms, mobile applications, and automated advisors remained offline during remediation efforts. Legal proceedings were initiated in coordination with national authorities. The entity assured its millions of users that human and technical resources were prioritized to restore digital services while emphasizing continued care delivery through alternative channels.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Salud Total EPS, a Colombian healthcare organization, recently suffered a significant cyber attack that compromised its technological platform. The attack, which was reportedly launched from outside the organization's network, caused partial unavailability of information related to operations, prompting the organization to take swift action to prevent further damage.
As a result of the attack, Salud Total EPS was forced to disable certain services and connections to its servers, both physical and virtual, in order to protect sensitive information and maintain the integrity of its systems. This decision was made in accordance with the organization's established protocols for responding to cyber incidents, which prioritize the protection of data and the continuity of business operations.
Despite the disruption caused by the attack, Salud Total EPS was able to maintain its medical services, ensuring that patients continued to receive the care they needed. However, the attack did impact the organization's virtual channels, including its website and mobile app, which were taken offline as a precautionary measure. This decision was likely made to prevent any potential further compromise of sensitive information and to allow the organization's IT teams to conduct a thorough investigation into the incident.
The cyber attack on Salud Total EPS is a sobering reminder of the risks faced by organizations in the healthcare sector, which are increasingly reliant on complex technological systems to deliver critical services. The fact that the attack was reportedly launched from outside the organization's network highlights the importance of robust perimeter defenses and the need for organizations to be constantly vigilant in the face of evolving cyber threats.
The incident also underscores the importance of having established protocols in place for responding to cyber incidents. Salud Total EPS's decision to disable certain services and connections to its servers in response to the attack demonstrates a clear understanding of the need to prioritize the protection of sensitive information and maintain business continuity. The organization's ability to maintain its medical services during the incident is also a testament to the effectiveness of its contingency planning.
The investigation into the cyber attack on Salud Total EPS is ongoing, and it is likely that the organization will be working closely with law enforcement and other stakeholders to identify the perpetrators and bring them to justice. The incident serves as a reminder of the need for organizations to be proactive in their approach to cybersecurity, and to prioritize the protection of sensitive information in the face of evolving threats.
The impact of the cyber attack on Salud Total EPS's operations is likely to be significant, at least in the short term. The organization's decision to take its website and mobile app offline will likely cause inconvenience to patients and other stakeholders, and may also have a negative impact on the organization's reputation. However, the fact that the organization was able to maintain its medical services during the incident suggests that it has a robust incident response plan in place, and is well-equipped to respond to cyber incidents.
The cyber attack on Salud Total EPS is also likely to have significant implications for the wider healthcare sector in Colombia. The incident highlights the need for organizations in the sector to prioritize cybersecurity and to invest in robust defenses to protect against evolving threats. It also underscores the importance of collaboration and information-sharing between organizations in the sector, in order to stay ahead of emerging threats and to develop effective strategies for responding to incidents.
Overall, the cyber attack on Salud Total EPS is a significant incident that highlights the risks faced by organizations in the healthcare sector. The incident demonstrates the importance of robust cybersecurity defenses, contingency planning, and incident response protocols, and serves as a reminder of the need for organizations to be constantly vigilant in the face of evolving cyber threats.