No data stolen in Victoria hospital attack
A forensic investigation of the recent cyber attack on some Victorian regional hospitals and health services has uncovered no evidence that any patient data has been stolen.
The ransomware attack on hospitals and health services in Gippsland and Southwest Victoria on 30 September began with a phishing email sent to a hospital employee, the investigation found.
The email was used to implant a virus onto the hospital’s computer network allowing the attackers to gain unauthorised access.
Once inside, the attackers spread their virus across the network, leading to the ransomware infection of some servers controlling important clinical, medical and corporate systems.
Staff were able to contain the spread of the malware to just a portion of the hospital’s network.
While the attack bears all the hallmarks of a financially motivated ransomware attack, the state government has to date received no specific ransom demand, according to the Department of Premier and Cabinet.
Regardless, the state has no intention of paying any ransom to the cybercriminals, the department said in a statement.
“This incident provides a useful reminder about the importance of cyber security. Despite the many protections put in place by the hospitals to protect their computer networks, cyber criminals worked hard to get inside,” the statement reads.
“Cyber security is a business risk that all organisations must act on.”
Government invests in counter-drone capabilities for Defence Force
The Australian Government is accelerating the acquisition of counter-drone capabilities for the...
ISACA launches AI-centric certification for security professionals
The Advanced in AI Security Management (AAISM) certification focuses on the implement AI...
CyberCX to be bought out by Accenture
Accenture has arranged to make its largest cybersecurity acquisition to date through the purchase...
