Remember meForgot password?
    Log in with Twitter

article imageCoronavirus testing facility suffers maze ransomware attack

By Tim Sandle     Mar 29, 2020 in Technology
A UK-based medical facility that have plans to test coronavirus vaccines, Hammersmith Medicines Research, has been hit by an attack from one of the ransomware groups that recently pledged to not target medical organizations during the COVID-19 pandemic.
With the activity, the attackers apparently managed to exfiltrate patient records and has published some of them on the dark web demanding for payment, according to Forbes. The healthcare facility also develops the Ebola vaccine and drugs to treat Alzheimer’s disease.
Malcolm Boyce, who is the clinical director of Hamersmith Medicines Research, says that that the Maze actors have published a post of their attack citing their organization as the ‘New client’ (Maze actors apparently call their victims as clients). The Maze group, Computer Weekly notes, extorts victims by encrypting the files of an organization and demanding a ransom payment to release the files.
Commenting on the attack for Digital Journal, Anurag Kahol, CTO, Bitglass says that: "The recent ransomware attack on Hammersmith Medicines Research further demonstrates that there is no action too despicable for cybercriminals. In this case, the bad actors behind the Maze ransomware attacks have specifically targeted a medical facility that is supporting the testing of vaccines for COVID-19; previously, this hacker group promised not to target healthcare organizations during the pandemic."
As to why the attack happened, Kahol states that: "Medical records are highly valuable on the dark web as they usually contain personally identifiable information, including a patient's full name, address, financial information, social security number, and more. The leak of this sensitive data puts the impacted patients at risk for identity theft and financial fraud for years to come."
There are other implication too, according to Kahol: "Consequently, the medical facility may face costly penalties for violating compliance regulations such as GDPR."
As to what healthcare facilities can consider for the future: "To prevent future attacks and safeguard patient information, healthcare organizations must have full visibility and control over their data", says Kahol.
He exapnds further: "This can be accomplished by leveraging multi-faceted solutions that defend against malware on any app or endpoint, enforce real-time access control, detect misconfigurations, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage.”
More about Ransomware, Cybersecurity, Cyberattack, Covid19, coronavirus
More news from
Latest News
Top News