At a time when healthcare is at the very forefront of people’s minds, a cyber-attack on Australia’s Macquarie Health Corporation is a stark reminder that organisations around Australia need to be pro-active in their approach to managing cybersecurity. Whilst many active ransomware groups have committed to forgoing attacks on medical targets in consideration of the current global situation, Hive is not one of them.
Private healthcare service Macquarie Health Corporation which has 12 hospitals, was subject to a ransomware attack by the group known as Hive or HiveLeaks. Under the banners of Macquarie Hospital Services, MacRehab, Macquarie Medical Systems, Derma Medical and Machealth eSolutions, the group provide surgical procedures, rehabilitation and mental health clinics, skin imaging and dermascopy, medical systems, cosmetic procedures, e-health informatics and data solutions.
Hive attacks systems running Microsoft’s Windows operating system. Researchers from infosec firm SentinelLabs describe Hive as a double-extortion ransomware group – “making their money off of a two-pronged attach: exfiltrating sensitive data before locking up the victim’s systems”.
On its website on the dark web, the attackers claim to have pilfered 225GB from Macquarie Health Corporation, including medical records, research, and personal data of 6717 people. The group has been known to target healthcare providers and hospitals as recently seen in their attack on Memorial Health System hospitals in Ohio. As at 13th October 2021, there were 30 victim companies listed on its Hive Leaks onion site.
Whilst Macquarie Health were able to take systems offline, and in an apology for the disruption said “it has not impacted our ability to deliver patient care” an update from the company said it was still experiencing “significant” impacts from the attack.
National Cyber Security News contacted Brett Callow, a seasoned ransomware threat researcher for comment. “Hive’s victims include multiple public sector organisations, including organisations in the healthcare and education sectors. It’s also a particularly problematic ransomware from a recovery perspective. Hive has an absurd crypto scheme that makes restoration even more time-consuming than usual, with coding making data loss a real possibility”.
So, what’s the solution? Witz Cybersecurity provide solutions with a selection of technologies currently deployed within Healthcare and Hospitals. CyberMDX is a world-wide leader in this arena providing a layered architecture to cybersecurity that protects each device, driving remediation and mitigation directly on medical and clinical assets.
Another technology, Cymptom, provides Data-driven cyber defense to mitigate security risk & gaps. We recently deployed a POC for a global Healthcare organisation which has helped them close their Cybersecurity gaps.
Can you say with certainty how secure your organisation is and what your Cybersecurity Posture is currently??
Please email Witz Cybersecurity to arrange a free POC (Proof of concept) or Demo. Don’t wait until you need to pay the ransomware or discover the cyber breach!
