Ransomware Attack Hits Over 100 Romanian Hospitals
More than 100 hospitals in Romania were targeted in a crypto ransomware attack, resulting in their IT systems being taken offline and data being encrypted. The attackers, who remain unidentified, have demanded a ransom of 3.5 Bitcoin (BTC), equivalent to about $180,000, to decrypt the data.
Hospitals Paralyzed by Ransomware
The ransomware attack has affected 100 hospitals in Romania, forcing them to operate offline and disrupting their IT systems. The data has been encrypted by the attackers.
Investigation Underway
The National Cyber Security Directorate and other IT specialists are investigating the attack on the 25 hospitals in Romania that use the Hipocrate Information System (HIS). The Ministry of Health stated that the system is down and files and databases are encrypted. It did not disclose whether they intend to pay the ransom demanded in Bitcoin.
Backmydata Ransomware Variant
The ransomware used in the attack, known as “Backmydata,” is a variant of the Phobos malware family. It is distributed through hacked Remote Desktop connections. The attackers threaten to sell confidential data if negotiations fail and state that only payment in digital assets will result in data decryption.
Bitcoin Demands in Ransomware Attacks
This incident is not unique, as attackers have previously demanded Bitcoin as ransom payment. Similarities can be drawn with the WannaCry attack on the UK’s National Health Service (NHS) in 2017. Ransomware payments reached $1 billion in 2023, according to Chainalysis, with notable victims including the BBC and British Airways.
Conclusion
The ransomware attack on Romanian hospitals highlights the ongoing threat posed by cybercriminals. As attackers continue to target organizations worldwide, it is crucial for institutions to prioritize cybersecurity measures and remain vigilant against potential ransomware attacks.