[BreachExchange] Czech hospital hit by cyberattack while in the midst of a COVID-19 outbreak

Mon Mar 16 10:16:09 EDT 2020

https://www.zdnet.com/article/czech-hospital-hit-by-cyber-attack-while-in-the-midst-of-a-covid-19-outbreak/

The Brno University Hospital in the city of Brno, Czech Republic, has
been hit by a cyberattack right in the middle of a COVID-19 outbreak
that is picking up steam in the small central European country.

Hospital officials have not revealed the nature of the security
breach; however, the incident was deemed severe enough to postpone
urgent surgical interventions, and re-route new acute patients to
nearby St. Anne's University Hospital, local media reported.

The hospital was forced to shut down its entire IT network during the
incident, and two other of the hospital's branches, the Children's
Hospital and the Maternity Hospital, were also impacted.

The infection took root at around 5 a.m. in the morning, local time,
Peter Gramantik, a patient in the hospital at the time, and a security
researcher with Sucuri told ZDNet via email today.

"The hospital public announcement system started to repeat the message
that all personnel should immediately shut down all computers due to
'cybernetic security'," Gramantik told us.

"This message was repeated like every 30 minutes.

"Around 8 a.m. there was another public announcement that all the
surgeries are cancelled," Gramantik said, who was then sent home.

Following the incident's onset, teams from the Czech National Cyber
Security Center (NCSC), Czech police (NCOZ) and hospital's IT staff
are now working together on-site to recover the hospital's IT network.

HOSPITAL IS A COVID-19 TESTING CENTER

The incident is considered a severe one and treated with the utmost
urgency because the Brno University Hospital is one of the Czech
Republic's biggest COVID-19 testing laboratories.

By the time of publishing, it remained unclear if the hospital's
coronavirus testing capability was impacted, even temporarily, by the
cyber-attack.

According to the latest statistics, there have been 117 infections
confirmed in the Czech Republic, as the extremely viral disease
appears to be just getting started spreading inside the small country,
and the hospital's full testing capabilities are sorely needed right
now.

Unfortunately, despite the global COVID-19 outbreak, hackers have not
eased operations, not regular cybercriminals and not advanced
state-sponsored groups.

Earlier this week, the Champaign-Urbana Public Health District systems
were hit by ransomware; however, the institution was not handling
COVID-19 testing, as the Brno hospital was.

abuse.ch at abuse_ch

I really hope that bad guys step back in the coming weeks and do not
attack & encrypted hospitals with ransomware#coronavirus

154
6:59 AM - Mar 13, 2020
Twitter Ads info and privacy

69 people are talking about this

"At times of crisis, hackers see opportunity," Flavius Plesu, founder
and CEO of human risk intelligence firm OutThink, told ZDNet today.
"At times of increased risk, security teams must be extra vigilant and
understand that the risk of a cyberattack is much higher than usual as
hackers try to take advantage of tired, overstretched staff that
potentially have their guards down."