2 min read

Hacker demands nothing after infecting Hong Kong Department of Health with ransomware

Filip TRUȚĂ

August 03, 2018

Hacker demands nothing after infecting Hong Kong Department of Health with ransomware

An incident that can only be described as strange occurred in Hong Kong last month when an unknown attacker used ransomware to lock up three computers owned by the country”s main healthcare provider, only to leave an email address where he could be reached to offer the decryption keys.

Established in 1939, Hong Kong’s Department of Health issues healthcare policies and provisions basic healthcare services in the fourth-most densely populated region in the world.

As reported by the South China Morning Post, soon after Singapore”s SingHealth incurred the country”s biggest data breach, Hong Kong”s Department of Health became the latest victim of a cyberattack. Three of its computers were infected with ransomware, prompting police to open an investigation.

The attacker(s) targeted computers at the Infection Control Branch, Clinical Genetic Service and Drug Office. The three departments were reportedly infiltrated in the two weeks since July 15.

“Files stored on the computers were encrypted by ransomware, and an email address to contact for a decryption key was left behind, but no ransom was demanded,” a spokeswoman told the press.

After infecting a targeted system, ransomware operators typically leave a Bitcoin wallet address where victims can dump a specified amount of digital currency in exchange for the decryption keys. It was not the case in this instance, though investigators still believe the attackers were after some form of profit.

Not only did the three computers not contain any valuable information, but the data stored on them was also backed up, the spokeswoman confirmed to the press. Furthermore, investigators found no evidence of any data leak.

All in all, this ransomware attempt seems to have had zero consequences for its victims. However, this is just the latest in a long string of attacks targeting the healthcare sector at a global level. Some of the reported cases ended up with dire consequences, both for the HCPs and their clients (patients).

If this case is any indication, keeping regular offline backups of your data is one of the best ways to thwart ransomware attacks. Not having to give into a ransom demand is key to discouraging future attempts on your infrastructure.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read