Networks of medical clinics in Romania became victims of crypto ransomware

The Romanian National Directorate of Cyber Security (DNSC) reported that the computer networks of more than a hundred hospitals were hacked with programs extorting crypto assets..

The programs attacked IT systems, encrypting data and demanding a ransom of $174,000 in Bitcoin.

Romania's ongoing hospital ransomware attack is getting worse. Cyber security centre said last night that 21 hospitals have had computers encrypted. A chidren’s hospital was the first to get hit but now it’s spread. Computers in 79 other medical facilities have been unplugged pic.twitter.com/rdsX31VhFd

— Joe Tidy (@joetidy) February 13, 2024

The networks of 25 inpatient medical institutions using the Hipocrate information system (HIS) were directly affected by cyber extortionists.. The computers of another 79 hospitals were forcibly disconnected from communications networks.

Experts from the Romanian cybersecurity agency said that the attackers used the Backmydata application, a variant of the Phobos ransomware, to encrypt the data of affected medical institutions. DNSC recommended that hospital administrators do not turn off infected computers and ignore the hackers' demand for a ransom payment.

Last year, Chainalysis analysts said that criminals' revenue from ransomware had fallen by more than 40%.. The main reasons for the drop in income were enhanced computer security measures, as well as the reluctance of victims to pay compensation.