Security News
The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows Bitlocker. On Sunday, CHwapi suffered an attack that caused the hospital to redirect patients to other hospitals and delay surgical procedures.
In November, after a series of hacks directed at Universal Health Services and others, the cybersecurity agency CISA warned of an "Increased cybercrime threat to U.S. hospitals and healthcare providers." Large healthcare organizations can have a potentially vast attack surface, so making an inventory of potential vulnerabilities is essential.
A Vermont-based hospital network is now saying a cyberattack that crippled its computer systems in October was ransomware. While the Burlington-based University of Vermont Health Network, which serves hospitals in Vermont and upstate New York, had said its systems were attacked on Oct. 28, officials had not confirmed the attack that disabled the system's 600 applications was ransomware.
Two thousand servers containing 45 million images of X-rays and other medical scans were left online during the course of the past twelve months, freely accessible by anyone, with no security protections at all. Among the data - drawn from unprotected online storage devices with ties to hospitals and medical centres all over the planet - were 23,000 images of UK patients, left exposed to the public internet on 90 separate servers.
Despite hospitals being on the front lines during the pandemic, bad actors have continued to target them with ransomware. Incidents of ransomware attacks against hospitals skyrocketed in October.
A late October cyberattack on the computer systems of the University of Vermont Medical Center is costing the hospital about $1.5 million a day in lost revenue and recovery costs, its CEO said. The Oct. 28 attack crippled the computer systems of the hospital system that serves much of Vermont and parts of upstate New York.
Administrators scrambled to keep the hospital operational - cancelling non-urgent appointments, reverting to pen-and-paper record keeping and rerouting some critical care patients to nearby hospitals. The Vermont hospital had fallen prey to a cyberattack, becoming one of the most recent and visible examples of a wave of digital assaults taking U.S. health care providers hostage as COVID-19 cases surge nationwide.
The University of Vermont Health Network is still recovering from a Ryuk Ransomware attack in October 2020, with services slowly coming back online. In October, the University of Vermont hospitals suffered a Ryuk ransomware attack that impacted services to varying degrees in all seven hospitals in their health network.
Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying. After a detailed investigation involving consultations with medical professionals, an autopsy, and a minute-by-minute breakdown of events, Hartmann believes that the severity of the victim's medical diagnosis at the time she was picked up was such that she would have died regardless of which hospital she had been admitted to.
The world's second-largest white-label laptop manufacturer, has been hit by the file-scrambling DoppelPaymer ransomware gang - and the hackers want $17m in cryptocurrency before they'll hand over the decryption key. Compal staff say they arrived at work on Monday to be told of the outbreak, and that they needed to back up their files.