Ransomware hackers stole data from more than 0.5 million hospital patients "Red Cross"

The first known result unprecedented hacker attack on Athens hospitals was the hacking and theft of personal data of more than 515 thousand patients of the Red Cross Hospital (ICRC) in Athens.

Greek edition cathimerini reported that unknown perpetrators managed to break into the server of an IT company in Switzerland, with which the organization is partnering to store data from a global network of family rehabilitation. The data came from 60 departments of the organization around the world.

“Access has now been revoked for all users of systems that have been compromised, and efforts are being made to find short-term solutions that will allow ICRC staff around the world to continue providing their services to people who have requested ICRC family rehabilitation support,” a spokesperson for the organization said in a statement. Greece.

While the details of the attack are not specified. In response to a K question, Crystal Wells, the representative of the International Committee of the Red Cross in Geneva, stated that this was not a ransomware attack. In this popular form of cyberattack, criminals encrypt victim files and demand a ransom in cryptocurrency for their decryption. It appears that the ICRC has not yet been asked to do so. “We know that they violated our system and that they had access to our data. We do not know who is behind this attack and what their motives may be.”

According to her, the nature of the attack means that they cannot guarantee the integrity of their systems because of this and have taken the affected servers offline. “Every day, the International Red Cross and Red Crescent Movement helps reunite 12 people with their families. A cyberattack like this jeopardizes this important work,” a spokeswoman for the organization said.

Hacked databases contain data on missing refugees and migrants whose whereabouts their relatives are trying to find. The program also facilitates contact between Aegean shipwreck survivors and their families in Greece and helps reunite relatives who went missing during the refugee journey.

It is noteworthy that on the same day an attack was carried out and presumably server hacking military hospital ΝΙΜΤΣ, and at least 3 major metropolitan hospitals – Attikon, Sotiria and Asklepion in Voula.

The fact that the system was hacked was confirmed by the head of the 1st Attica Health District (1ης ΥΠΕ) and ΝΙΜΤΣ (army medical service), Panagiotis Stathis, according to iefimerida. These are the three largest hospitals in Attica, on whose shoulders the burden of the pandemic has fallen.

“Hackers have blocked hospital accounts, and the first task was to protect the firewall, that is, to create a security wall from intruders. The server for Sotiria and Asklipieu hospitals is located in the control room of the 1st ΥΠΕ, I have no idea what is happening in NIMTS, as this is under the responsibility of the Ministry of Defense,” said Mr. Statis

The attack effectively destroyed the administrative services of the hospitals. “The necessary work is being done manually these days,” says Panagiotis Statis, specifying that there is no information about cybercriminals yet.

“The National Cybersecurity Authority has already been approached, as this is a matter of the country’s security,” he emphasizes. At the same time, the company managing the server is trying to create a backup to protect the files. The server in the control room of the 1st ΥΠΕ has been operating since 2003, serving the clinics of Sotiria and Asklepion.

The military, as well as the Greek Ministry of Health, have not yet commented on the topic, but apparently, the attack was carried out either by one group of hackers, or was coordinated. It is also quite possible that all this became available thanks to the access to the ICRC obtained by hackers.
It is no secret that the Greek authorities outsource the maintenance and hosting of servers with sensitive data to private companies, often located outside the country.

.



Source link