Suspected Chinese Hackers Behind Attack On Israeli Hospitals

Share post:

Local media reports have attributed the latest ransomware attack, which targeted the systems of nine health institutes in the country, to a Chinese group of actors who use the ransomware strain “DeepBlueMagic.”

Responding to the attack earlier this week, Reuven Eliyahu, the head of cybersecurity at the Health Ministry, confirmed that it was carried out by Chinese hackers and said the actors’ motives were “purely financial.”

He said in an interview with Army Radio: “This is probably a Chinese hacker group that broke away from another group and started working in August.” However, a cybersecurity industry source takes a different view, claiming that the affiliation to China is weak and that the attacks in question may have been just port scans or probes to ward off a network.

Before the attack at the weekend, an attack on the Hillel Yaffe Medical Centre on Wednesday, the health sector carried out numerous defensive activities to identify and secure open vulnerabilities, which was a major reason that the attack did not cause any damage to hospitals or medical organizations.

The Israeli National Cyber Directorate also published indicators of compromise (IOCs) where the authority proposes that Isreali organizations carry out various procedures, including checking the IOCs in the CVS file, conducting an active scan of all systems, ensuring that all VPN and email servers are updated to the latest version, updating all servers and performing password resets for all users, intensifying monitoring of unusual events on corporate networks, and finally reporting violations or unusual activities to the Israeli National Cyber Directorate.

For more information, read the original story in Bleeping Computer.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways