Ransomware Attacks Hit Hospitals In Romania

Uploaded on 2024-02-23 in FREE TO VIEW, BUSINESS-Services-Health & Welfare

Over 25 Romanian hospitals and healthcare facilities have been been affected  by a ransomware attack, which has taken their healthcare management systems offline. The Hipocrate Information System (HIS) used by hospitals to manage medical activity and patient data was targeted over the weekend and is now offline after its database was encrypted. 

Children's and emergency hospitals were amongst those hit, with some facilities going completely offline. The hackers have demanded 3.5 Bitcoin, worth over $150,000, to unlock vital files which they had encrypted.

Romanian healthcare officials said data had been recently backed up, which is reducing the impact of the attack.

The Romanian Ministry of Health says that the attack targeted the HIS medical information system. The incident was under investigation by IT specialists, including cyber security experts from the National Cyber Security Directorate (DNSC), the ministry said. The DNSC says 25 hospitals were attacked and this attack began at the The Pitesti Paediatric Hospital.

According to sources, 79 other healthcare facilities were taken offline as  a precautionary measure while investigations were carried out to determine if they had been affected.

While officials had identified the type of malware used, the group responsible has yet to be identified. The ransom demand includes only an email address, officials wrote. As most of the targeted hospitals have recent backups of data from the affected servers, it is expected that the facilities should be able to remediate the damage reasonably quickly.

The impact on patients could be very serious as so many hospitals have had to switch off Internet connected devices. This could, affect not just booking and records but also machines like critical monitors and scanners.

The national healthcare service in Ireland endured  a similar attack in 2021 using Conti ransomware which caused thousands of patient appointments to be cancelled or rearranged. In that  incident, the Irish government refused to pay the ransom demanded. 

BBC     |   Bleeping Computer    |     MS   |     The Hindu   |   DNSC   |     BBC   |     AOL   |   Graham Cluley     

Image: Unsplash

You Might Also Read: 

Irish Health Service Ransom Attack Will Cost Ireland As Much As €100m:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Will Generative-AI Take Female Jobs?
Cybersecurity In Managed Cloud: Best Practices For Keeping Your Data Safe »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Cybersecurity and Data Protection.

CNCERT/CC

CNCERT/CC

CNCERT is the national Computer Network Emergency Response Technical Team / Coordination Center of China.

Softtek

Softtek

Softtek provides comprehensive software Quality Assurance and Testing that identifies the correctness, completeness, and quality level of software products.

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT is the national Computer Emergency Response Team for the Philippines.

PhishX

PhishX

PhishX is a SaaS platform for security awareness that simulates Cyberthreats, train people, while measure and analysis results, reducing Cybersecurity risks for People and Companies.

Swiss Accreditation Service (SAS)

Swiss Accreditation Service (SAS)

SAS is the national accreditation body for Switzerland. The directory of members provides details of organisations offering certification services for ISO 27001.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

Ingenio Global

Ingenio Global

Ingenio is a specialist recruitment business for SaaS companies. Our purpose is to source exceptional talent in areas including cyber security for leading SaaS companies in the UK and Ireland.

Root9B (R9B)

Root9B (R9B)

R9B offers advanced cybersecurity products, services, and training to enhance the way organizations protect their networks.

Trianz

Trianz

Trianz Cybersecurity Services are Powered by One of the World’s Largest Databases on Digital Transformation. We Understand Evolving Risks, Technologies and Best Practices.

Cyber Tzar

Cyber Tzar

Cyber Tzar is a new approach at dealing with an old problem; assessing and managing risks to your IT estate.

Maintel

Maintel

Maintel provides cloud and managed communications services. We help our customers to deliver exceptional customer experiences, and to securely access their applications and their data.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Beaming

Beaming

Beaming is an established Internet Service Provider for businesses across the UK. We deliver reliable voice, data and managed services, including cybersecurity.

DeltaSpike

DeltaSpike

DeltaSpike empowers individuals and organizations worldwide through its comprehensive cybersecurity solutions.

Cyber Security Certification Australia (CSCAU)

Cyber Security Certification Australia (CSCAU)

CSCAU is the world’s first 'for mission' industry council set up to address small and medium-sized business (SMB) cyber resilience through annually updated certifiable standards.