Suspected Chinese hackers behind attacks on ten Israeli hospitals
A joint announcement from the Ministry of Health and the National Cyber Directorate in Israel describes a spike in ransomware attacks over the weekend that targeted the systems of nine health institutes in the country.
In the joint announcement, the Israeli government states that the attempts resulted in no damage to the hospitals and the medical organizations, thanks to national-level coordination and the quick and decisive response of the local IT teams.
According to local media reports, the attack is attributed to a Chinese group of actors using the 'DeepBlueMagic' ransomware strain, which first appeared in the wild in August this year.
DeepBlueMagic is known to disable security solutions that usually detect and block file encryption attempts, allowing for successful attacks.
Israel's National Cyber Directorate has released indicators of compromise in the form of file hashes that have been seen in related attacks.
Reuven Eliyahu, the cybersecurity chief in the Health Ministry, confirmed in a statement today that the mid-week attack was carried out by Chinese hackers and described the actors' motives as "Purely financial."