fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Brooklyn & Vermont Hospitals Are Latest Ryuk Ransomware Victims

Brooklyn & Vermont Hospitals Are Latest Ryuk Ransomware Victims

Wyckoff Heights Medical Center in Brooklyn and the University of Vermont Health Network are the latest victims of the Ryuk ransomware attack spree covering the healthcare industry across the U.S.

Yesterday, the U.S. government hosted an emergency call with stakeholders in the healthcare industry to alert them to an “increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”

Later in the day, CISA issued a joint advisory publicly warning that U.S. hospitals and healthcare providers are actively targeted in cyberattacks deploying the Ryuk ransomware.

Charles Carmakal, senior vice president and CTO of Mandiant, told BleepingComputer that an Eastern European hacking group known as UNC1878 is responsible for these attacks and that they intend to attack hundreds of hospitals.

This week, Sky Lakes Medical Center in Oregon and St. Lawrence Health System in New York were hit in Ryuk ransomware attacks. Last month, hospital operator Universal Health Services was hit by a corporate-wide Ryuk attack, which impacted over 200 medical facilities nationwide.

In a new report released today, Check Point states that they have seen a 71% increase in ransomware attacks in October targeting the U.S. healthcare sector.

Wyckoff Hospital suffered a Ryuk attack yesterday

Today, an employee of Wycoff contacted BleepingComputer and stated that their hospital suffered a Ryuk ransomware attack yesterday.

Wyckoff Heights Medical Center is a 350-bed teaching hospital located in Brooklyn, NY.

To prevent the spread of the attack to other devices, we were told that Wyckoff Hospital shut down portions of their network, but by then, it was too late, and many of the devices had been encrypted.

Also Read: How To Prevent WhatsApp Hack: 7 Best Practices

It is unknown if the hospital is redirecting patients to other hospitals and what impact the attack has had on patients’ treatment.

BleepingComputer has reached out to Wyckoff for further comment but has not received a response.

Vermont network of hospitals hit as well

Today, the AP reported that the University of Vermont Health Network had suffered a cyberattack affecting all the hospitals in their network to varying degrees.

“The attack has caused variable impacts at each of our affiliates. Staff are continuing to follow well-practiced standby procedures to ensure safe patient care. We understand the difficulty this causes for our patients and the community and apologize for the impact. There have been some changes to patient appointments and we are attempting to reach those patients who have been affected. We will continue to provide systems and patient service updates when they are available,” read a statement from the University of Vermont Health Network.

The current status of each affected hospital is:

  • Alice Hyde Medical Center – Malone, NY – Maintaining all patient care services.
  • Central Vermont Medical Center – Berlin, VT – Maintaining all patient care services, but patients may experience delays
  • Champlain Valley Physicians Hospital – Plattsburgh, NY – Maintaining all patient care services, but physician practice patients may experience slight delays.
  • Elizabethtown Community Hospital – Elizabethtown, NY – Maintaining all patient care services.
  • Porter Medical Center – Middlebury, VT Maintaining all patient care services.
  • UVMHN Home Health and Hospice Maintaining all patient and resident care services
  • UVM Medical Center – Burlington, VT Rescheduling some elective procedures scheduled for Thursday, 10/29, with the hope of resuming procedures on Friday, 10/30.

The hospital network is working with the FBI and the Vermont Department of Public to investigate the attack.

“FBI Albany can confirm we are investigating a potential cyber attack at UVM Health, along with our federal, state and local partners. This is an active investigation, and we decline to comment further at this time,” the FBI told BleepingComputer in a statement.

It is unknown if Ryuk was utilized in this particular attack.

Cybersecurity firm offering free ransomware assistance

Hospitals that are forced to pay a Ryuk ransom need to be careful of using their decryptor as it is known to corrupt certain types of files.

Also Read: 15 Best Tools For Your Windows 10 Privacy Settings Setup

Emsisoft is offering free ransomware recovery services to healthcare organizations during the pandemic, which include custom decryptors that fix known decryption bugs and can recover files faster than the threat actor’s decryptors.

“There are multiple factors and it depends a bit on the hardware, but there are three major factors: We heavily optimised I/O (so the reading and writing has been optimised a lot and been adjusted for modern mass storage), we use hardware accelerated cryptography, and we make creating a backup first unnecessary, because unlike the TA’s tool, we operate on copies of data.”

“The real benefit is in the fact that we focus on data safety first. So our decryptors generally are more stable, are safer to use, and produce correct results,” Emsisoft CTO Fabian Wosar told BleepingComputer in a conversation.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us