fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Irish Healthcare Shuts Down IT Systems After Conti Ransomware Attack

Irish Healthcare Shuts Down IT Systems After Conti Ransomware Attack

Ireland’s Health Service Executive (HSE), the country’s publicly funded healthcare system, has shut down all IT systems after its network was breached in a ransomware attack.

HSE Chief Executive Paul Reid told NewstalkFM that this is a “Conti human-operated ransomware attack that seeks to get access to data.”

This ransomware gang also hit the Scottish Environment Protection Agency (SEPA) on Christmas Eve, later publishing roughly 1.2 GB of stolen data on their dark web leak site.

Conti ransomware was first spotted in isolated attacks at the end of December 2019. It shares code with the notorious Ryuk Ransomware, whose TrickBot-powered distribution channels it took over after Ryuk activity dwindled in July 2020.

Conti operators are known for breaching enterprise networks and spreading laterally until gaining access to domain admin credentials which allow them to deploy the ransomware payloads filelessly, using reflective DLL injection techniques.

Conti operates as a private Ransomware-as-a-Service (RaaS) that recruits hackers to deploy the ransomware in exchange for large shares of any paid ransom.

A sample of the ransomware used in the HSE attack and shared with BleepingComputer appends the .FEEDC extension to encrypted files.

Conti HSE ransom note
Conti HSE ransom note

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

All HSE IT systems shut down

“There is a significant ransomware attack on the HSE IT systems,” the Irish national health service said.

“This has caused some disruption to our services. But most healthcare appointments will go ahead as planned.

“We have taken the precaution of shutting down all our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.”

HSE Ireland also added that the country’s National Ambulance Service and emergency departments (EDs) operate normally, with no direct impact from the ransomware attack on ambulance dispatch and call handling.

Even though most hospital appointments are not affected, some hospitals are affected by service disruptions, including the Rotunda Maternity Hospital and the Cork University Hospital, where some appointments have been canceled (more info here.)

While COVID-19 vaccine appointments are not impacted and scheduled COVID-19 tests are going ahead as planned, the HSE will not be able to refer people for COVID-19 tests until systems are brought back online.

No info on the ransom demanded by Conti

Reid also told RTÉ earlier today that the threat actors behind this “very sophisticated attack” haven’t yet made a ransom demand.

He added that HSE’s security teams are currently investigating the incident to fully understand the effects of the incident.

“We apologize for inconvenience caused to patients and to the public and will give further information as it becomes available,” the HSE said.

In March, US hospital and healthcare services provider Universal Health Services (UHS) said that a Ryuk ransomware attack suffered in September 2020 had an estimated impact of $67 million.

The US government also warned the healthcare industry in October 2020 that a hacking group is targeting hospitals and healthcare providers in Ryuk ransomware attacks.

Also Read: Data Protection Officer Singapore | 10 FAQs

The ransomware attack on Ireland’s HSE comes one week after Colonial Pipeline, the largest US fuel pipeline, shut down operations after the DarkSide ransomware gang breached its network.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us