Cyber Ransom Attacks On The Rise, As Toyota And Melbourne Hospital Become Latest Victims
A major Melbourne hospital and car manufacturer Toyota have had their systems infiltrated by hackers.
A cyber crime syndicate accessed the medical files of 15,000 patients at Melbourne Heart Group at Melbourne's Cabrini Hospital.
The Age reported a cyber crime syndicate is at the centre of the attack which is now under investigation.
Records from the Melbourne Heart Group, which is based inside the hospital at Malvern, were rearranged when they were accessed by the group. Medical professionals were unable to access some patient files for as long as three weeks.
The attack corrupted data in the system and completely crippled its servers.
The Melbourne Heart Group operates independently of Cabrini Hospital, using their own IT systems and equipment. 10 daily understands Cabrini patient records were not compromised in the cyber attack.
"Data storage and other information systems in specialist suites are owned and managed by the specialists, not by Cabrini. The specialists are not employees of Cabrini," Cabrini Chief Executive Dr Michael Walsh said in a statement.
"No Cabrini data storage or patient related systems or operations have been impacted or compromised by this incident and there has been no breach of hospital patient data. Cabrini is providing support to Melbourne Heart Group in relation to this incident."
It is believed the records were hacked by malware originating from either North Korea or Russia, but this is yet to be confirmed.
The group behind the data breach demanded a ransom be paid by cryptocurrency. The Age reported the payment was made, but that some of the patient documents have been seriously corrupted and cannot be accessed.
Meanwhile, Toyota Australia has confirmed it has been subject to an attempted cyber attack.
"At this stage, we believe no private employee or customer data has been accessed," Toyota said in a statement.
"The threat is being managed by our IT department who is working closely with international cyber security experts to get systems up and running again."
Toyota was unable to reveal the origins of the attempted attack.
These hacks come just days after Prime Minister Scott Morrison revealed Australia's major political parties were hacked by a foreign government.
The rate at which hacking groups are using malware to manipulate systems has increased dramatically.
New research from software company Symantec shows that one in 10 targeted attack groups now use malware to disrupt and destroy business systems. That's up a whopping 25 percent since 2017.
Recently, hacking groups have moved to infiltrating businesses likely to pay a larger ransom to re-access their information.
"They do this because it's where the money is that," Chief Technology Officer of Symantec Asia Pacific Nick Savvides told 10 daily.
"Criminals are motivated by money and they want to monetise their ransom service in what is called a 'denial of service attack.'"
Essentially, a denial of service attack is the taking down of a website to hinder whatever service it offers. Hackers will demand a certain sum of money to re-activate the service of the site.
According to Savvides, criminals will attempt to accesses other's information either to receive a ransom payment, or access personal information to facilitate identity fraud.
"They lock up the business from the inside and they want money to release those things to you, they are holding up your system to get a ransom. They are holding the information hostage," Savvides said.
There are a number of ways businesses and individuals can protect themselves from being hacked. Savvdies recommended ensuring good security hygiene by educating workers and customers about how to be safe in a digital environment.
He also recommended backing up files and using multi-factor authentication with all professional and private accounts.
"People are lazy, they use the same passwords. People have hundreds of accounts but generally just five passwords," Savvides said.
"The problem you have if you've leaked one of your passwords in a previous data breach,they have your email address and password and they retry these .
"They are very smart and clever at doing this."
Featured Image: Getty Images.
Contact Siobhan at firstname.lastname@example.org