3.5 bitcoin ransom demand after hospital cyberattack

There is a ransom demand of 3.5 BTC, equivalent to approximately 157,000 euros, after the cyber attack that affected the activity of several hospitals, the National Cyber Security Directorate (DNSC) announced on Tuesday. The institution recommends not contacting the hackers and not paying the ransom.

According to DNSC, the attackers’ message does not specify a group name claiming this attack, only an email address. He also announces that the attack has been confirmed in the case of four other health units, but emphasizes that there is no indication of data exfiltration so far:

– Institute of Speech-Language and ENT Functional Surgery “Prof. Dr. D. Hociotă”, Bucharest.

-Brad Pneumophthiziology Sanatorium, Hunedoara

– Roșiori de Vede Pneumophthizology Hospital

– Sante Călărași Clinic (private clinic).

Hospitals that use the HIPOCRATE platform, regardless of whether they have been affected or not, received a series of recommendations from the DNSC for proper management of the situation:

– Identification of the affected systems and their immediate isolation from the rest of the network, as well as from the Internet

– Keeping a copy of the ransom message and any other communications from the attackers. This information is useful for the authorities or for further analysis of the attack

– Do not turn off the affected equipment. Stopping it will remove the evidence stored in the volatile memory (RAM)

– Collect and keep all relevant log information from the affected equipment, but also from network equipment, firewall

– Examine the system logs to identify the mechanism by which IT infrastructure has been compromised

– Immediately inform all employees and notify affected customers and business partners of the incident and its extent

– Restore affected systems based on data backups after a full system cleanup has been performed. It is absolutely necessary to ensure that backups are intact, up-to-date and secure against attacks

– Ensure that all programs, applications and operating systems are updated to the latest versions and that all known vulnerabilities are patched.

On Monday evening, 21 hospitals affected by the cyber attack were confirmed. DIICOT has already launched an investigation in rem in this case.

bitcoinBTCcyber attackdemandemailhackershospitalNational Cyber Security Directorate (DNSC)ransom
Comments (1)
Add Comment
  • Panagiotis Spyridis

    Stupid rebels without a cause!