Suspected Chinese Hackers Behind Attack On Israeli Hospitals

Share post:

Local media reports have attributed the latest ransomware attack, which targeted the systems of nine health institutes in the country, to a Chinese group of actors who use the ransomware strain “DeepBlueMagic.”

Responding to the attack earlier this week, Reuven Eliyahu, the head of cybersecurity at the Health Ministry, confirmed that it was carried out by Chinese hackers and said the actors’ motives were “purely financial.”

He said in an interview with Army Radio: “This is probably a Chinese hacker group that broke away from another group and started working in August.” However, a cybersecurity industry source takes a different view, claiming that the affiliation to China is weak and that the attacks in question may have been just port scans or probes to ward off a network.

Before the attack at the weekend, an attack on the Hillel Yaffe Medical Centre on Wednesday, the health sector carried out numerous defensive activities to identify and secure open vulnerabilities, which was a major reason that the attack did not cause any damage to hospitals or medical organizations.

The Israeli National Cyber Directorate also published indicators of compromise (IOCs) where the authority proposes that Isreali organizations carry out various procedures, including checking the IOCs in the CVS file, conducting an active scan of all systems, ensuring that all VPN and email servers are updated to the latest version, updating all servers and performing password resets for all users, intensifying monitoring of unusual events on corporate networks, and finally reporting violations or unusual activities to the Israeli National Cyber Directorate.

For more information, read the original story in Bleeping Computer.

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Critical Vulnerability Leaves Millions Of Sites Vulnerable To Takeover

A severe authentication bypass vulnerability has been discovered in the WordPress plugin "Really Simple Security" (formerly *Really Simple...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways