At least 18 hospitals in Romania fell victim to a massive ransomware attack, paralyzing the Hipocrate Information System (HIS), which is responsible for managing medical activities and patient data.
On Feb. 11-12, HIS production servers were attacked, encrypting critical files and databases, as reported by Bleeping Computer. After the online attack incident, the Romanian Ministry of Health summoned IT and cybersecurity experts from the National Cyber Security Directorate (DNSC) to investigate.
The impact extends to critical healthcare facilities, including regional and cancer treatment centers. In response, DNSC cautioned against direct communication with affected hospitals' IT teams, prioritizing service restoration and data recovery. The Ministry of Health has released a list of affected hospitals, accompanied by preventive measures for unaffected facilities.
Investigation Still Ongoing
The identity of the ransomware strain responsible for the attack remains undisclosed, indicating uncertainties regarding potential data theft. DNSC cybersecurity experts are actively investigating the ransomware attack incident, with hospitals like the Emergency Hospital of Plastic, Reconstructive, and Burn Surgery Bucharest and Azuga Orthopaedics and Traumatology Hospital among those affected.
Silviu Cârstea, the administrator overseeing the Hipocrate system, shed light on the magnitude of the data affected by the cyber assault. Cârstea disclosed that the impact reached between 10 and 20 terabits, specifically targeting production servers. He emphasized the significance of these servers in distributing solutions within the hospitals' closed networks, according to Euronews.
Read Also: Starlink's Dual Role: Aiding Ukraine's Defense and Assisting Russian Invaders?
Cârstea estimates that normal system functionality will resume by Tuesday morning. He expressed confidence in the restoration process, citing nightly backup copies on HIS production servers. He also noted that these backups are systematically stored on external media, with potential duplication on additional external mediums or through online channels based on available resources.
Ransomware Attacks is Surging Globally
As of now, the software service provider RSC, which is responsible for the Hipocrate healthcare system, has not issued a public statement concerning the incident. This cyberattack on Romanian hospitals underscores the persistent threats to critical infrastructure. It emphasizes the crucial need for enhanced cybersecurity measures in healthcare systems to safeguard patient data and medical services.
In a broader context, a Delinea survey of over 300 US IT and security decision-makers indicates a concerning surge in ransomware threats during 2023, surpassing 2022 levels, according to SecurityWeek. The report highlights a shift towards data extraction-focused attacks, raising alarms about the increase in ransomware victims. The data shows a surge from 68% to 76% of ransomware attack victims paying the ransom, possibly indicating cyber insurance.
Ransomware assaults have also targeted hospitals, schools, and government entities. Supply chain attacks utilizing the widely-used MOVEit file transfer software affected prominent entities such as the BBC and British Airways. These incidents contributed to ransomware groups surpassing a historic milestone, extorting over $1 billion in cryptocurrency payments from victims, according to a Chainalaysis article.
Notably, as cybercriminals continue to evolve and adapt to legislative developments and law enforcement operations, worldwide authorities, impacted organizations, cybersecurity corporations, and blockchain intelligence collaborated in fighting and winning against ransomware in 2023.
Related Article: AI Deepfake Brings Back Indonesia's Dead Dictator for Upcoming Elections
