Ransomware incidents attacking critical infrastructure in various countries keep happening. This time, IT system audit specialists report that a series of attacks have disrupted operations at multiple hospitals in Australia and the US, affecting hundreds of patients who require special care and surgical interventions in which technological infrastructure plays a key role.
Through a statement, affected hospitals (DCH
Regional Medical Center, Northport Medical Center and Fayette Medical Center at
Alabama, US) mentioned that for now they were not able to access their systems,
as a significant portion of their infrastructure was compromised by this
Patients who were already in hospitals at the time of ransomware infection will be treated normally, unless they require care available only in other hospitals. Hospital IT system audit teams also ensured that surgeries that had already been scheduled will be performed despite the shortcomings that hospitals face. The three hospitals affected by encryption malware are part of the DCH Health System, a government area responsible for operating a publicly owned health system in the US.
On the other hand, multiple hospitals in
Gippsland, Australia, were also hit by a ransomware attack that affected access
to patient records and management systems. As a result, many doctors have lost
access to their patients’ medical history, which has postponed diagnostics and
In total, 18 facilities in Australia were
impacted by the ransomware. IT system audit specialists mention that hackers
managed to bypass many of the security filters installed by the hospital IT
team, forcing the closure of many systems.
As a security measure, affected hospitals
isolated many of their systems to prevent the spread of ransomware. In
addition, administrative staff had to employ manual methods to keep operations
afloat. So far no additional details have been revealed, such as the hacker
group responsible for the attack, the ransomware variant used or the ransom
amount that the attackers have demanded.
IT system audit experts from the International Institute
of Cyber Security (IICS) mention that, due to factors such as the type of
infrastructure targeted in this attack and the apparent synchronization between
the two incidents, the authorities in both countries must determine whether the
same group of cybercriminals is behind this wave of attacks.
So far in 2019, at least 620 attacks targeting
critical infrastructure from the US government have been detected. Among the
most prominent targets of these cyberattacks are 70 state and municipal
entities, including a serious outbreak of Ryuk
ransomware in a small Florida town that forced the local government to pay more
than $400k USD in ransom.
Another devastating attack occurred in the city
of Baltimore, whose systems were infected with the dangerous RobbinHood
ransomware. In this case, officials refused to pay $75k USD in ransom; however,
the recovery costs have already exceeded $18 million USD.