Tag: hospitals | SpinSafe

Ransomware attacks on hospitals highlight need for vigilant cybersecurity

March 24, 2024/in Internet Security

BETHLEHEM, Pa. — Recent ransomware attacks on health care providers have put a spotlight on their need for diligent security measures.

Just last month, the BlackCat hacker group orchestrated a cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group.

The BlackCat group — also known as ALPHV or Noberus, according to the U.S. Justice Department — demanded $22 million from the health care giant after attacks made payments and prescription services largely unavailable.

A UnitedHealth Group webpagededicated to its “cyber response” shows half of restoration efforts are complete, with two more in progress as of March 15 and the week of March 18.

Those in progress include restoring provider electronic payments and reconnection/testing of its claims system.

In a December 2023 release about a ransomware disruption campaign, the DOJ called the BlackCat group the “second-most prolific ransomware-as-a-service variant in the world,” noting its targets of computer networks of more than 1,000 victims.

The Feb. 21 attack prompted the FBI and HSS to send an advisory days later, urging security specialists to “protect and detect against malicious activity” after noticing BlackCat affiliates “primarily targeting the health care sector.”

“Most places wouldn’t be life and death, but in hospitals it is there. So the need to protect people in a hospital environment is there.”

Kermit Burley, Information Technology program coordinator at Penn State Lehigh Valley

Last year, the same group — which reportedly has ties to Russia — attacked Lehigh Valley Physician Group.

BlackCat hackers then posted patient information and nude photos of cancer patients receiving radiation oncology treatment at LVPG Delta Medix in Lackawanna County to the dark web.

Federal agencies like the Cybersecurity and Infrastructure Security Agency advise against paying ransom for cyberattacks. But for health care providers, that isn’t always an option, said Kermit Burley, Penn State Lehigh Valley lecturer.

“Most places wouldn’t be life and death, but in hospitals it is there,” Burley said. “So the need to protect…

Source…

Bitcoin Ransomware Takes Down 100 Romanian Hospitals Offline

February 14, 2024/in Internet Security

Last updated:

February 14, 2024 21:54 EST
| 1 min read

Source: Pete Linforth / Pixabay

More than 100 hospitals in Romania were affected by a crypto ransomware attack on Tuesday, the National Cyber Security Directorate (DNSC) confirmed. The unidentified perpetrators have demanded 3.5 Bitcoin (BTC), or about $180,000, to decrypt the data.

The ransomware took down over 100 hospitals, affecting their IT systems and encrypting data, forcing the hospitals to operate offline.

Romania’s ongoing hospital ransomware attack is getting worse. Cyber security centre said last night that 21 hospitals have had computers encrypted. A chidren’s hospital was the first to get hit but now it’s spread. Computers in 79 other medical facilities have been unplugged pic.twitter.com/rdsX31VhFd

— Joe Tidy (@joetidy) February 13, 2024

Per a recent update from the DNSC, 25 hospitals in Romania using Hipocrate Information System (HIS) are directly affected by the attack. “As a result of the attack, the system is down, files and databases are encrypted,” the Ministry of Health noted.

“The incident is under investigation by IT specialists, including cyber security experts from the National Cyber Security Directorate, and resumption possibilities are being assessed,” the Ministry added. However, it did not specify whether the authorities are ready to pay the ransom in Bitcoin, as demanded by attackers.

Dubbed ‘Backmydata’, the ransomware is a variant of Phobos malware family, that are distributed via hacked Remote Desktop (RDP) connections. The ransom note informs victim about the severity of the situation by threatening to sell confidential…

Source…

Ransomware attack knocks 20 Romanian hospitals offline: Report

February 13, 2024/in Internet Security

A ransomware attack on Hipocrate Information System (HIS), used by hospitals to manage medical activity and patient data knocked, impacted at least 21 hospitals in Romania forcing them offline.

The attack launched over the weekend targeted the production servers running HIS information system, resulting in the system’s database being encrypted.

The incident, currently under investigation, impacted various hospitals across Romania, including regional and cancer treatment centers, a report from the Bleeping Computer said.

There is no information on what ransomware operation targeted the hospitals’ system or if the patient’s personal or medical data was stolen. Romania’s National Cyber Security Directorate (DNSC) is currently investigating the cyber incident.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

Technological advancements in the healthcare industry like remote health monitoring, electronic health records and the Internet of Thins (IoT) has provided cybercriminals with more opportunities to attack the sector.

Also Read | How safe is our personal health data with the Indian government?

Attacks on the healthcare sector have also impacted India, with the country registered the second highest number of attacks on the sector in 2022.

Attacks on hospitals could lead to sensitive data being exposed to threat actors. This data can then be used to perform digital identity theft, online banking thefts, tax frauds and other financial crimes.

Source…

20+ hospitals in Romania hit hard by ransomware attack on IT service provider • Graham Cluley

February 13, 2024/in Internet Security

20+ hospitals in Romania hit hard by ransomware attack on IT service provider

Over 20 hospitals in Bucharest have reportedly been impacted by a ransomware attack after cybercriminals targeted an IT service provider. As a consequence medical staff have been forced to use pen-and-paper rather than computer systems.

Romania’s National Cybersecurity Directorate (DNSC) said in a statement that the attackers encrypted hospital data using the Backmydata ransomware – a variant of Phobos.

The DNSC advises not to contact the IT teams at affected hospitals “so they can focus on restoring IT services and data! This is the priority at the moment.”

Sign up to our free newsletter.
Security news, advice, and tips.

The affected hospitals all used the Hipocrate IT platform, developed by Romanian software company RSC to manage patients’ data and track their progress from initial admission to discharge.

Affected hospitals include:

Azuga Orthopaedics and Traumatology Hospital
Băicoi City Hospital
Buzău County Emergency Hospital
C.F. Clinical Hospital no. 2 Bucharest
Colțea Clinical Hospital
Emergency County Hospital “Dr. Constantin Opriș” Baia Mare
Emergency Hospital for Plastic, Reconstructive and Burn Surgery Bucharest
Fundeni Clinical Institute
Hospital for Chronic Diseases Sf. Luca
Institute of Cardiovascular Diseases Timișoara
Medgidia Municipal Hospital
Medical Centre MALP SRL Moinești
Military Emergency Hospital “Dr. Alexandru Gafencu” Constanta
Oncological Institute “Prof. Dr. Al. Trestioreanu” Institute Bucharest (IOB)
Pitești Emergency County Hospital
Regional Institute of Oncology Iasi (IRO Iasi)
Sighetu Marmației Municipal Hospital
Slobozia County Emergency Hospital
St. Apostol Andrei Emergency County Hospital Constanta
Târgoviște County Emergency Hospital

The DNSC reports that 79 more hospitals using Hipocrate have disconnected from the internet in the wake of the attack. The attack was first spotted on Saturday, February 10 at the Pitești Paediatric Hospital.

According to the DNSC, most affected hospitals have backups of the data encrypted by the ransomware, which should aid recovery. But in at least one case, the most recent backup was saved 12 days ago.

Hat-tip: Thanks to reader Gheorghe for his assistance with this…

Source…

Tag Archive for: hospitals