Hacker demands nothing after infecting Hong Kong Department of Health with ransomware
An incident that can only be described as strange occurred in Hong Kong last month when an unknown attacker used ransomware to lock up three computers owned by the country”s main healthcare provider, only to leave an email address where he could be reached to offer the decryption keys.
Established in 1939, Hong Kong’s Department of Health issues healthcare policies and provisions basic healthcare services in the fourth-most densely populated region in the world.
As reported by the South China Morning Post, soon after Singapore”s SingHealth incurred the country”s biggest data breach, Hong Kong”s Department of Health became the latest victim of a cyberattack. Three of its computers were infected with ransomware, prompting police to open an investigation.
The attacker(s) targeted computers at the Infection Control Branch, Clinical Genetic Service and Drug Office. The three departments were reportedly infiltrated in the two weeks since July 15.
“Files stored on the computers were encrypted by ransomware, and an email address to contact for a decryption key was left behind, but no ransom was demanded,” a spokeswoman told the press.
After infecting a targeted system, ransomware operators typically leave a Bitcoin wallet address where victims can dump a specified amount of digital currency in exchange for the decryption keys. It was not the case in this instance, though investigators still believe the attackers were after some form of profit.
Not only did the three computers not contain any valuable information, but the data stored on them was also backed up, the spokeswoman confirmed to the press. Furthermore, investigators found no evidence of any data leak.
All in all, this ransomware attempt seems to have had zero consequences for its victims. However, this is just the latest in a long string of attacks targeting the healthcare sector at a global level. Some of the reported cases ended up with dire consequences, both for the HCPs and their clients (patients).
If this case is any indication, keeping regular offline backups of your data is one of the best ways to thwart ransomware attacks. Not having to give into a ransom demand is key to discouraging future attempts on your infrastructure.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021