- Professional Risk Insurance
- Private Clients
- Farms & Estates
- Commercial Clients
- Wholesale Insurance Broking
- Claims
- About
- Contact
- Log in
20.03.24
More than 100 Romanian hospitals have been hit by a ransomware attack following a cyber-incident that targeted a third-party supplier. Dozens of hospitals were left offline, with some resorting to the use of pen and paper to continue operating. The attackers demanded a ransom of £130,000 (although the actual demand was in Bitcoins) to release the data stolen in the breach.
This event showcases the dangers that third-party software can pose. Specifically, malicious actors can exploit vulnerabilities in third-party software to introduce harmful code or launch attacks.
The following article provides more details about the incident and offers tips for businesses to prevent ransomware attacks and third-party breaches.
The ransomware attack occurred between 10th and 12th February 2024, starting with the Pitesti Paediatric Hospital and impacting at least 25 others, according to the National Cyber Security Directorate. Additionally, 79 hospitals were forced offline while investigators determined if they had been affected.
The main target of the attack was a third-party healthcare management system platform used by hospitals to store patient data. The attack encrypted hospital data, and the threat actors responsible—whose identities are currently unknown—demanded a ransom for the data’s safe release. Although most hospitals had recently backed up their data, one hadn’t done so for 12 days, significantly impacting their recovery. Furthermore, some hospitals had to switch off internet-connected devices as a precaution, meaning health-critical machines like MRI scanners could have been affected.
The UK has seen similar attacks; in 2017, the NHS was brought to a standstill due to a WannaCry outbreak, and more recently, a third-party software compromise left several NHS Trusts unable to access patient data for months during 2022.
Besides, it’s not just healthcare facilities at risk; all business types can be hit by ransomware attacks and be left unable to trade, or worse still, with their reputation in tatters.
This event emphasises how important it is for businesses to have appropriate cyber-security measures to help protect against ransomware attack losses. Here are some best practices for organisations to consider:
As ransomware attacks evolve and threat actors continue to target multiple organisations through third-party software, businesses should make it a priority to consistently review their potential exposures and update their mitigation techniques whenever necessary.
Contact us today for additional risk management guidance and insurance solutions.
The cyber-threat information provided by Zywave and contributed by Lisa Langley, Cert CII, Team Leader, Professional Risks, Cox Mahon Ltd.