3.5 bitcoin ransom demand after hospital cyberattack


Get real time updates directly on you device, subscribe now.

There is a ransom demand of 3.5 BTC, equivalent to approximately 157,000 euros, after the cyber attack that affected the activity of several hospitals, the National Cyber Security Directorate (DNSC) announced on Tuesday. The institution recommends not contacting the hackers and not paying the ransom.

According to DNSC, the attackers’ message does not specify a group name claiming this attack, only an email address. He also announces that the attack has been confirmed in the case of four other health units, but emphasizes that there is no indication of data exfiltration so far:

– Institute of Speech-Language and ENT Functional Surgery “Prof. Dr. D. Hociotă”, Bucharest.

-Brad Pneumophthiziology Sanatorium, Hunedoara

– Roșiori de Vede Pneumophthizology Hospital

– Sante Călărași Clinic (private clinic).

Hospitals that use the HIPOCRATE platform, regardless of whether they have been affected or not, received a series of recommendations from the DNSC for proper management of the situation:

– Identification of the affected systems and their immediate isolation from the rest of the network, as well as from the Internet

– Keeping a copy of the ransom message and any other communications from the attackers. This information is useful for the authorities or for further analysis of the attack

– Do not turn off the affected equipment. Stopping it will remove the evidence stored in the volatile memory (RAM)

– Collect and keep all relevant log information from the affected equipment, but also from network equipment, firewall

– Examine the system logs to identify the mechanism by which IT infrastructure has been compromised

– Immediately inform all employees and notify affected customers and business partners of the incident and its extent

– Restore affected systems based on data backups after a full system cleanup has been performed. It is absolutely necessary to ensure that backups are intact, up-to-date and secure against attacks

– Ensure that all programs, applications and operating systems are updated to the latest versions and that all known vulnerabilities are patched.

On Monday evening, 21 hospitals affected by the cyber attack were confirmed. DIICOT has already launched an investigation in rem in this case.

DONATE: Support our work
In an ever changing and challenging world, the media is constantly struggling to resist. Romania Journal makes no exception. We’ve been informing you, our readers, for almost 10 years, as extensively as we can, but, as we reject any state funding and private advertising is scarce, we need your help to keep on going.
So, if you enjoy our work, you can contribute to endorse the Romania Journal team. Any amount is welcome, no strings attached. Choose to join with one of the following options:
Donate with PayPal
Donate by Bank Wire
Black Zonure SRL
UniCredit Bank. Swift: BACXROBU
RON: RO84 BACX 0000 0022 3589 1000
EURO: RO57 BACX 0000 0022 3589 1001
USD: RO30 BACX 0000 0022 3589 1002

1 Comment
  1. Panagiotis Spyridis says

    Stupid rebels without a cause!

Leave A Reply

Your email address will not be published.