Several cyber-attacks were prevented by Israel’s Health Ministry’s Cyber Security Center over this past weekend, the Health Ministry reported on 17 October. Some 627 cyberattacks per organization were observed in Israel’s health sector – 72% more than the average on previous weekends, Check Point said. These attacks are more than in any other sector, where there was an average of 267 attacks per organization and no significant increase, the cyber security firm noted.[1]
Barzilai Medical Center in Ashkelon Israel was among the hospitals that were targeted. Check Point said that it believes one of the reasons for the increase is that hackers might think that, due to the successful attack against the Hillel Yaffe Medical Center in Hadera last week, that the Israeli health sector is not properly protected. As was reported last week, the health sector is being “significantly attacked.” In fact, there has been a nearly 600% increase in the number of reports of ransomware attacks by Israel in the last 19 months – between January 2020 and September 2021. This according to a report published last week by the cybersecurity firm VirusTotal. The “Ransomware Activity Report” reviewed 80 million ransomware samples from more than 130 different ransomware families targeting more than 140 countries.
Israel topped the list of most targeted countries based on the number of submissions, followed by South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran and the United Kingdom. The report also showed that Windows accounts for 95% of the ransomware targets, compared to 2% for Android.
Last week the Hillel Yaffe was hit with a ransomware attack that targeted its computer systems and succeeded in penetrating its IT infrastructure. The group of hackers who targeted the Hillel Yaffe was also responsible for a similar attack against a US hospital, where they asked for $10 million in ransom, Israeli media reported. According to Ynet, the ransomware is known as DeepBlueMagic. It was first identified by Danish security firm Heimdal, the US legal journal National Law Review reported in August. This particular type of ransomware utilizes an innovative kind of encryption and is especially dangerous because it manages to circumvent protection tools installed in the system to protect it.
While Hillel Yaffe has continued to work on alternate systems to receive and treat critical patients, as of 17 October, the hospital staff and the Health Ministry were still working on returning its IT systems to full function with additional protection. At the same time, the ministry and the Cyber Security National Authority have been working on strengthening the level of protection in all of Israel’s health care organizations.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/3702558539639477516
[1] https://www.jpost.com/breaking-news/cyberattack-attempts-towards-israeli-hospitals-thwarted-govt-682221
Comments
“This is probably a Chinese hacker group that broke away from another group and started working in August,” Eliyahu said in an interview on Army Radio. “The motive for the attack was purely financial.” Source: https://www.timesofisrael.com/top-cyber-official-hospital-attack-pu...