Ransomware has hit healthcare organizations, causing serious consequences
According to security and technology news site BleepingComputer, the victim of the ransomware attack was Radix Systems, a third-party partner that provides services to many federal agencies.
According to an official announcement from the Swiss government, hackers have posted 1.3TB of stolen data on the Dark Web, including scanned documents, financial records, contracts and communications. The Swiss National Cyber Security Center (NCSC) is actively analyzing the data to assess the extent of the stolen and encrypted data, as well as which agencies it affects.
Radix is a Zurich-based non-profit organization dedicated to promoting health. It operates eight centers that carry out projects and services commissioned by the Swiss federal government, provincial and municipal governments, and other public and private organizations.
Radix's official announcement shows that its systems were attacked in June by ransomware called Sarcoma. According to BleepingComputer, Sarcoma is a cybercrime organization that has been growing its activities since October 2024. It attacked 36 major targets in just one month. Sarcoma penetrates systems through phishing, exploiting system vulnerabilities, or attacking the supply chain.
Previously, in March 2024, Swiss government data was also leaked after a similar attack on another contractor, Xplain. The cyber-security incident leaked 65,000 documents related to the Federal Government, many of which contained sensitive personal information.
According to the latest announcement, made in June following an investigation, the Qilin ransomware attack that disrupted Synnovis's service system and affected the NHS blood supplier in the UK caused the death of a patient. In fact, cybercriminal gangs have targeted hospitals and healthcare organizations for years; the urgency of restoring systems and the sensitivity of the data make them lucrative ransomware targets.
Previously, in 2020, the DoppelPaymer ransomware hit a hospital in Düsseldorf, disrupting services there. A 78-year-old woman died from an aortic aneurysm after her emergency treatment was delayed: she was forced to travel to a hospital further away because the nearest hospital, the University Hospital of Düsseldorf, had been hit by the ransomware.
Ransomware like Qilin continues to attack all kinds of organizations, including those in the healthcare sector. In March, Qilin launched attacks on a cancer clinic in Japan and a women's health facility in the United States.
According to Mr. Ngo Tran Vu, Director of NTS Security Company: “Most hospitals and medical organizations are important agencies, but the system is still not properly protected. The reality shows that many computers freely connect to the Internet, connect to the hospital management system and even use a lot of pirated software, creating many doors for ransomware to penetrate the internal network.”
Therefore, using integrated security solutions, such as Kaspersky's, which adapt flexibly to the scale of devices, is the right way to simplify protection. In addition to multiple layers of effective shields, Kaspersky Plus allows users to create a protected archive of important data that can be restored in case of a ransomware attack.
These cases show the complacent mindset of managers who think that, because hospitals deal with human lives, cybercriminals will leave them alone. In fact, sensitive medical data and hospital emergency systems make them high-value targets for criminals seeking to extort money. Hospitals and medical organizations need to properly assess the danger level of ransomware in order to set appropriate investment policies, and avoid "closing the barn door after the horse has been stolen".
BINH LAM
Source: https://www.sggp.org.vn/du-lieu-co-quan-chinh-phu-va-benh-vien-cung-la-muc-tieu-cua-ma-doc-tong-tien-post803116.html