Ransomware Attacks Hit Hospitals In Romania

Uploaded on 2024-02-23 in FREE TO VIEW, BUSINESS-Services-Health & Welfare

Over 25 Romanian hospitals and healthcare facilities have been been affected  by a ransomware attack, which has taken their healthcare management systems offline. The Hipocrate Information System (HIS) used by hospitals to manage medical activity and patient data was targeted over the weekend and is now offline after its database was encrypted. 

Children's and emergency hospitals were amongst those hit, with some facilities going completely offline. The hackers have demanded 3.5 Bitcoin, worth over $150,000, to unlock vital files which they had encrypted.

Romanian healthcare officials said data had been recently backed up, which is reducing the impact of the attack.

The Romanian Ministry of Health says that the attack targeted the HIS medical information system. The incident was under investigation by IT specialists, including cyber security experts from the National Cyber Security Directorate (DNSC), the ministry said. The DNSC says 25 hospitals were attacked and this attack began at the The Pitesti Paediatric Hospital.

According to sources, 79 other healthcare facilities were taken offline as  a precautionary measure while investigations were carried out to determine if they had been affected.

While officials had identified the type of malware used, the group responsible has yet to be identified. The ransom demand includes only an email address, officials wrote. As most of the targeted hospitals have recent backups of data from the affected servers, it is expected that the facilities should be able to remediate the damage reasonably quickly.

The impact on patients could be very serious as so many hospitals have had to switch off Internet connected devices. This could, affect not just booking and records but also machines like critical monitors and scanners.

The national healthcare service in Ireland endured  a similar attack in 2021 using Conti ransomware which caused thousands of patient appointments to be cancelled or rearranged. In that  incident, the Irish government refused to pay the ransom demanded. 

BBC     |   Bleeping Computer    |     MS   |     The Hindu   |   DNSC   |     BBC   |     AOL   |   Graham Cluley     

Image: Unsplash

You Might Also Read: 

Irish Health Service Ransom Attack Will Cost Ireland As Much As €100m:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Will Generative-AI Take Female Jobs?
Cybersecurity In Managed Cloud: Best Practices For Keeping Your Data Safe »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Cyber Technology Institute - De Montfort University

Cyber Technology Institute - De Montfort University

The Cyber Technology Institute provides training and high quality research and consultancy services in the fields of cyber security, software engineering and digital forensics.

Networkers

Networkers

Networkers is a global recruitment consultancy helping unite job-seekers and hiring companies across the technology industry.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

Netwrix

Netwrix

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

Proteus

Proteus

Proteus is an Information Security consulting firm specialized in Risk Analysis and Executive Control.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

Westminster Insight - Cyber Security Conference

Westminster Insight - Cyber Security Conference

Join colleagues this December for Westminster Insight’s Cyber Security Conference, as you’ll assess how new technologies such as AI can secure your organisation against future threats.

Cloudsine

Cloudsine

Cloudsine (formerly Banff Cyber Technologies) is a cloud technology company specializing in cloud adoption, security and innovation.

CACI International

CACI International

CACI is at the forefront of developing and delivering technological breakthroughs that transform and optimize government operations.

Lucata

Lucata

Lucata solutions support groundbreaking graph analytics and improved machine learning for organizations in financial services, cybersecurity, healthcare, pharmaceuticals, telecommunications and more.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

Binarly

Binarly

Binarly has developed an AI-powered platform to protect devices against emerging firmware threats.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Iolo

Iolo

Iolo develops patented technology and award-winning software that repairs, optimizes, and protects computers, to maximize system speed and performance while keeping them safe.