Hackers hit heart clinic for ransom

Viking

Hackers have broken into the medical files of a heart clinic at Melbourne's Cabrini Hospital and demanded a ransom after scrambling the data of about 15,000 patients.
The Age reports the organisation has been unable to access the files for weeks after the cybercrime syndicate used malware to cripple its server and demand a cryptocurrency payment to decrypt the data.
The malware is believed to have originated from Russia or North Korea, but the identity of the criminals hasn't been revealed and Australian security agencies are investigating.
An Australian Cyber Security Centre spokeswoman said it was recently alerted to a cyber security incident by the Melbourne Heart Group (MHG), a tenant at the Cabrini Hospital site in Malvern.
The centre has provided cyber security advice and assistance to MHG, and as the matter is ongoing it said it is inappropriate to comment further.
A Cabrini Hospital spokeswoman said it was unaffected by the hacking as it operated independently from the MHG.
"It doesn't have any link to Cabrini in any way, they're just a tenant of ours," she said.
 

SumTingWong

Update: Cabrini hospital reportedly paid the cyber-criminals, but failed to regain access to some of the affected files.

A hospital paid the cyber-criminals, which encourages them to do more. Didn't the FBI say "DON'T PAY THE HACKERS RANSOM" years ago?

"The malware is believed to have originated from Russia or North Korea"

LOL. It could be some American dark web hackers who made the ransomware.
 

TairikuOkami

It gives the ransomware a bad name, making paying for the ransom pointless, I bet it was done by some low-life. Scumbags like that take advantage of the weak. That is like taking a candy from a kid and asking him to give you his last $ to get it back and once he does, you keep both. Despicable.

 

Weebarra

> It gives the ransomware a bad name, making paying for the ransom pointless, I bet it was done by some low-life. Scumbags like that take advantage of the weak. That is like taking a candy from a kid and asking him to give you his last $ to get it back and once he does, you keep both. Despicable.



They are all low-life scumbags regardless of whether they give you a decryption key or not. :(
 
ForgottenSeer 72227

This is very unfortunate, I feel really bad for the patients.

Sadly this is the world we live in now. Hackers don't care who they hurt, they just want to make everyone's lives miserable and make as much money as possible. It's all the more reason why businesses (big and small), governments, hospitals, etc...need to be ever the more vigilant. You can no longer assume that it will never happen to you.

It's unfortunate that they paid the ransom as I agree that it will only encourage this behavior more. While we don't know the specifics, it's ever the more reason to ensure that you have proper backups and not just online backups, but regular OFFLINE backups. That way even if your online backups get encrypted, you still have your offline backups to go off of. Sure you may lose a little data because your offline backups may not be as up to date as your online backups, but IMO, it's far better than having nothing at all.
 

TairikuOkami

> Hackers don't care who they hurt, they just want to make everyone's lives miserable and make as much money as possible.

Most hackers have an unwritten code of conduct. They could easily take down schools, hospitals or charities, because those do not have much money for anything, so computer equipment and software is the last thing that comes to mind, but only real suckers actually do it. They do not have to hack everyone just to get pocket change like in this case. They occasionally toy with people, but they are not all some evil masterminds.
 
ForgottenSeer 58943

Many places are hacked, daily. But you rarely hear about it. For example one of the largest insurance underwriters was hacked and they didn't notify anyone. One of the largest carpet producers in the world was hacked last week and effectively closed business operations until further notice. They didn't notify anyone.

Most corporations skimp heavily on IT/Cybersecurity budgets and operate in a reactionary mode. Once they get hit they start scrambling and then start to push more money toward security but by then it's often too late and at times nearly impossible to remove the internal, laterally moving hackers completely from their systems.

The simple fact is, any company that does 50 million or more in business needs to have a cybersecurity expert on staff ensuring proper procedures and security protocols are in place. But most firms skimp, and even some hundreds of million dollar firms have no cybersecurity staff AT ALL and have skimpy IT budgets.

PS: One firm I worked with a couple years ago - after they were hacked, then discovered they had no viable backups - actually contacted the hacker. Paid them. Then hired the hacker as a consultant for a few weeks on how to protect their systems. The hacker fully restored their business operations during this time and was way cheaper than my team.
 
ForgottenSeer 72227

> Many places are hacked, daily. But you rarely hear about it. For example one of the largest insurance underwriters was hacked and they didn't notify anyone. One of the largest carpet producers in the world was hacked last week and effectively closed business operations until further notice. They didn't notify anyone.
>
> Most corporations skimp heavily on IT/Cybersecurity budgets and operate in a reactionary mode. Once they get hit they start scrambling and then start to push more money toward security but by then it's often too late and at times nearly impossible to remove the internal, laterally moving hackers completely from their systems.
>
> The simple fact is, any company that does 50 million or more in business needs to have a cybersecurity expert on staff ensuring proper procedures and security protocols are in place. But most firms skimp, and even some hundreds of million dollar firms have no cybersecurity staff AT ALL and have skimpy IT budgets.


I agree!

Sad part is the "bean counters" usually have little to no understanding of cyber security. All they think the IT department does is plug and unplug computers and nothing else. Like you said, it isn't until something happens that causes them to go..."hmmm I guess we do need this cyber security thing after all", but by that point it's too late.
 

bribon77

It's hard for a hospital not to have a copy online because they see so many patients every day... But in any case they could have made copies offline as well.
I think it was a technical failure.
 
ForgottenSeer 58943

> I agree!
>
> Sad part is the "bean counters" usually have little to no understanding of cyber security. All they think the IT department does is plug and unplug computers and nothing else. Like you said, it isn't until something happens that causes them to go..."hmmm I guess we do need this cyber security thing after all", but by that point it's too late.

Exactly.

The biggest issue is that we often have little choice but to trust these garbage companies with our business, livelihoods, finances, personal information, etc. As such all of our personal data and information is at risk because in many cases we can't use fake information at these firms. Are you going to put your investments under a fake name and forged SS#? Nope. Are you going to order carpet using a fake name and address? Nada. Are you going to go to the doctor or get a prescription and use a fake name? Well then..

So there it is.. Regardless of how careful we are these companies leak our stuff like a sieve out to the world without ANY REGARD for common sense security and privacy, or any regard for even notifying us... So what happened with the Equifax hack? Nothing.. Equifax is still in business, ruining people's lives with their shoddy security and flawed credit reporting system.

Until there are laws, regulations, proper oversight, reporting requirements and required IT personnel certifications then nothing will change. Every company hacked should be required to publicly disclose this hack on a clearinghouse website. Maybe some embarrassment will fix them?

One of the largest automated kiosk companies in the world was hacked, fully compromised, then all of the kiosks were served malware to steal every credit card and account across the world. Even worse, all of the customer biometric databases were stolen. Did you hear anything about that? Doubt it.

Protip: I have some experience with credit card equipment and encryption technology. Most card readers, unless they look identical to ones on the right of the photo, are using plain-text to process credit cards. Outside of the USA (in EU, etc) they use 100% encrypted readers, in the USA less than 20% are encrypted. When encrypted they are encrypted at the head, in transit and on the backend. Without encryption the device can scan a credit card into notepad and steal all of the data. Assume all of your data ever swiped into one of the readers on the right has been compromised. You should carry a card with a $500 or less limit and use it out and about and never use a debit card in such a fashion.
