Suspected Chinese Hackers Behind Attack On Israeli Hospitals

Share post:

Local media reports have attributed the latest ransomware attack, which targeted the systems of nine health institutes in the country, to a Chinese group of actors who use the ransomware strain “DeepBlueMagic.”

Responding to the attack earlier this week, Reuven Eliyahu, the head of cybersecurity at the Health Ministry, confirmed that it was carried out by Chinese hackers and said the actors’ motives were “purely financial.”

He said in an interview with Army Radio: “This is probably a Chinese hacker group that broke away from another group and started working in August.” However, a cybersecurity industry source takes a different view, claiming that the affiliation to China is weak and that the attacks in question may have been just port scans or probes to ward off a network.

Before the attack at the weekend, an attack on the Hillel Yaffe Medical Centre on Wednesday, the health sector carried out numerous defensive activities to identify and secure open vulnerabilities, which was a major reason that the attack did not cause any damage to hospitals or medical organizations.

The Israeli National Cyber Directorate also published indicators of compromise (IOCs) where the authority proposes that Isreali organizations carry out various procedures, including checking the IOCs in the CVS file, conducting an active scan of all systems, ensuring that all VPN and email servers are updated to the latest version, updating all servers and performing password resets for all users, intensifying monitoring of unusual events on corporate networks, and finally reporting violations or unusual activities to the Israeli National Cyber Directorate.

For more information, read the original story in Bleeping Computer.

Featured Tech Jobs



Related articles

Gartner debunks myths undermining cybersecurity success

Henrique Teixeira, Senior Director Analyst at Gartner, and Leigh McMullen, Distinguished VP Analyst at Gartner, highlighted and disproved...

Toyota discloses customer data breach

Toyota has disclosed that customer information from Japan and other countries in Asia and Oceania was publicly available...

Critical Vulnerability found in MOVEit

Progress Software has warned about a critical vulnerability in its popular file-transfer software, MOVEit, which could allow malicious...

Canadian Defence Minister concerned over increasing cyberattacks

Canadian Defence Minister Anita Anand has issued a warning that the country's key infrastructure is more vulnerable to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways