In a destructive cyber assault, more than a hundred healthcare facilities in Romania have succumbed to a ransomware attack, causing significant disruptions to crucial operations and jeopardizing patient care, according to reports from local media.
The attack, directed at a widely utilized medical information system, unfolded overnight on Monday, forcing doctors and staff to resort to pen and paper as computer systems became inaccessible.
Romanian cyber authorities have acted promptly, stating that recent data backups have considerably mitigated the effects of the attack. The Ministry of Health, collaborating with IT professionals and cybersecurity experts from the National Cyber Security Directorate (DNSC), is actively probing the incident to uncover the culprits.
Hospitals Forced Offline Due to Ransomware Attack
As per the DNSC, the Pitesti Paediatric Hospital was the primary target of the attack, with 25 other hospitals subsequently affected. Among the affected hospitals are those catering to children and emergency cases, while additional medical centers have chosen to shut down their systems as a precautionary measure.
As investigations progress, an additional 79 healthcare facilities have opted to take their systems offline to determine if they have been compromised.
The perpetrators of the cyber attack have requested a significant ransom of 3.5 Bitcoin, amounting to more than £130,000, in exchange for decrypting the essential files they have maliciously encrypted.
While hospitals with recent data backups are anticipated to rebound relatively swiftly, the impact on patients is expected to be significant. Many hospitals have had to disconnect internet-connected devices as a precautionary measure, potentially impacting not only scheduling and record-keeping but also vital medical equipment such as MRI scanners.
This ransomware attack evokes memories of a similar incident that occurred in the United Kingdom in 2017. During that attack, 80 out of 236 hospital trusts across England experienced disruptions, resulting in the cancellation or rescheduling of nearly 7,000 appointments. The NHS recognized the necessity for improvement and implemented several changes in response.
Ransomware Attack Frequency
Ransomware attacks demanding Bitcoin payments are not uncommon. In September, the UK’s National Cyber Security Centre (NCSC) and National Crime Agency (NCA) released a report highlighting the rising frequency of such attacks.
In May 2017, the NHS encountered a significant ransomware threat known as the notorious “WannaCry” attack, causing extensive disruptions to hospitals nationwide. While the type of malware used in the Romanian attack has been identified, the responsible group remains unknown. The ransom demand includes only an email address, providing limited leads for authorities to pursue.
It’s worth noting that a 2023 report by Immunefi revealed that the top ten ransom payments globally totaled nearly $70 million in Bitcoin. The report also indicated that Russian hacking groups were predominantly responsible for deploying such malware. However, as of now, no entity has claimed responsibility for the ransomware attack on the Romanian hospitals.
This incident serves as a stark reminder of the persistent threat posed by cybercriminals and underscores the critical importance of robust cybersecurity measures to protect sensitive information and essential infrastructure.
