AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Ransomware paralyzes over 100 hospitals in Romania

Impact of the cyberattack on the national healthcare system and actions taken

A ransomware attack hit the Hipocrate platform in Romania, paralyzing over 100 hospitals. The criminals demanded a ransom of 3.5 BTC (~$100,000). Authorities recommend not paying and isolating infected systems.

This pill is also available in Italian language

A serious ransomware attack hit the Hipocrate platform, essential for managing the IT infrastructure of several healthcare facilities in Romania, leaving over 100 hospitals without service. It should be noted that the cyberattack occurred on the night of February 11, with production servers being compromised, leading to the encryption of files and databases, consequently making them inaccessible to the affected healthcare facilities. Originally, 21 hospitals were directly affected by the attack, a figure which increased to 25 following further verification, while a further 79 voluntarily disconnected their systems as a precautionary measure during the ongoing investigation.

National Directorate for IT Security confirms redemption in BTC

An official bulletin dated February 13, released by Romania's National Directorate for Cyber Security (DNSC), confirmed the absence of evidence of data theft. Despite this, the involvement of 4 other hospitals emerged. The communication, translated with Google, also revealed that the attackers were asked for a ransom of 3.5 BTC, equivalent to approximately 100,000 US dollars. The identity of the attackers still remains unknown.

DNSC recommendations to affected facilities

The DNSC, together with other cybersecurity authorities involved in the analysis of the case, urges hospitals not to contact the cyber-criminals or satisfy their ransom demands. The Directorate also recommends that facilities using the Hipocrate technology platform isolate any compromised systems from the rest of the network and the Internet, but not shut them down in order to preserve evidence in volatile memory.

Post-attack recovery procedure

It is advisable to proceed with the restoration of compromised IT systems only after a thorough remediation of the entire system, using backups of pre-existing data. Before reactivating them, it is essential that all applications and operating systems are updated with the latest security patches, to avoid further vulnerabilities and risks of reinfection.

Follow us on Twitter for more pills like this

02/13/2024 12:18

Marco Verro

Last pills

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report

AT&T: data breach discovered that exposes communications of millions of usersDigital security compromised: learn how a recent AT&T data breach affected millions of users

New critical vulnerability discovered in OpenSSH: remote code execution riskFind out how a race condition in recent versions of OpenSSH puts system security at risk: details, impacts and solutions to implement immediately

Discovery of an AiTM attack campaign on Microsoft 365A detailed exploration of AiTM attack techniques and mitigation strategies to protect Microsoft 365 from advanced compromises