AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Ransomware paralyzes over 100 hospitals in Romania

Impact of the cyberattack on the national healthcare system and actions taken

A ransomware attack hit the Hipocrate platform in Romania, paralyzing over 100 hospitals. The criminals demanded a ransom of 3.5 BTC (~$100,000). Authorities recommend not paying and isolating infected systems.

This pill is also available in Italian language

A serious ransomware attack hit the Hipocrate platform, essential for managing the IT infrastructure of several healthcare facilities in Romania, leaving over 100 hospitals without service. It should be noted that the cyberattack occurred on the night of February 11, with production servers being compromised, leading to the encryption of files and databases, consequently making them inaccessible to the affected healthcare facilities. Originally, 21 hospitals were directly affected by the attack, a figure which increased to 25 following further verification, while a further 79 voluntarily disconnected their systems as a precautionary measure during the ongoing investigation.

National Directorate for IT Security confirms redemption in BTC

An official bulletin dated February 13, released by Romania's National Directorate for Cyber Security (DNSC), confirmed the absence of evidence of data theft. Despite this, the involvement of 4 other hospitals emerged. The communication, translated with Google, also revealed that the attackers were asked for a ransom of 3.5 BTC, equivalent to approximately 100,000 US dollars. The identity of the attackers still remains unknown.

DNSC recommendations to affected facilities

The DNSC, together with other cybersecurity authorities involved in the analysis of the case, urges hospitals not to contact the cyber-criminals or satisfy their ransom demands. The Directorate also recommends that facilities using the Hipocrate technology platform isolate any compromised systems from the rest of the network and the Internet, but not shut them down in order to preserve evidence in volatile memory.

Post-attack recovery procedure

It is advisable to proceed with the restoration of compromised IT systems only after a thorough remediation of the entire system, using backups of pre-existing data. Before reactivating them, it is essential that all applications and operating systems are updated with the latest security patches, to avoid further vulnerabilities and risks of reinfection.

Follow us on Threads for more pills like this

02/13/2024 12:18

Marco Verro

Last pills

Zero-day threat on Android devices: Samsung prepares a crucial updateFind out how Samsung is addressing critical Android vulnerabilities and protecting Galaxy devices from cyber threats

CrowdStrike: how a security update crippled the tech worldGlobal impact of a security update on banking, transportation and cloud services: what happened and how the crisis is being addressed

Checkmate the criminal networks: the Interpol operation that reveals the invisibleFind out how Operation Interpol exposed digital fraudsters and traffickers through extraordinary global collaboration, seizing luxury goods and false documents

Google Cloud security predictions for 2024: how AI will reshape the cybersecurity landscapeFind out how AI will transform cybersecurity and address geopolitical threats in 2024 according to Google Cloud report