Chinese hackers suspected of attacks on Israeli hospitals

Israel’s Ministry of Health, as well as the country’s National Cybersecurity Administration, issued a joint statement on the recent spike in ransomware attacks targeting nearly a dozen healthcare facilities in the country.

The attacks did not harm hospitals and healthcare organizations due to national coordination and quick response from local IT professionals, the authorities say. The government also says it has taken a series of protective measures aimed at the health sector to identify open vulnerabilities and patch them before the weekend.

This comes after the Hillel Yaffe Medical Center, located near the city of Hadera, suffered a ransomware attack last week. Unfortunately, the protective measures were not enough, and a number of medical organizations were still hacked over the past weekend.

According to local media reports, a Chinese hacking group using the DeepBlueMagic malware, which first surfaced publicly in August this year, is behind these attacks. DeepBlueMagic effectively disables security solutions that would normally detect and block attempts to encrypt files, allowing attackers to carry out their attacks. Bleeping Computer writes that the attackers use BestCrypt to encrypt devices.

Israel’s National Cyber Security Administration has already published indicators of compromise and recommendations for protecting potentially vulnerable systems.

The aforementioned Hillel Yaffe Medical Center has been restoring its systems for six days (from October 13, 2021), but for now, the hospital staff is forced to use pen and paper instead of computers to receive patients and to transfer the results of examinations. Worse, there are fears that some medical records may not be recovered, as the attackers gained access to the backup system and erased all the copies stored there for emergencies.

A spokesman for the country’s Ministry of Health confirmed that the attack was carried out by Chinese hackers with “purely financial” motives. However, the hackers are unlikely to receive a ransom, because the Hillel Yaffe Medical Center is a state hospital and it will not even negotiate with criminals.
