Israel’s Ministry of Health and the National Cyber Directorate have warned of an increase in ransomware attacks that targeted at least nine hospitals and health organizations in the country in recent days.
In a joint statement the ministry and the National Cyber Directorate did not name any specific targets but said that “early assessments and a quick response from the center and staff on the ground halted the attempts and no damage was done.”
“In recent days, the Ministry of Health and the National Cyber System have been carrying out many activities with bodies in the health sector to further strengthen the level of protection while identifying new vulnerabilities in the area that may be used for attacks,” the two authorities said.
The statement was released following a ransomware attack against the Hillel Yaffe Medical Center in Hadera that led to the shutdown of the hospital’s computer systems. The attack occurred in early hours on Wednesday, October 13, and affected hospital’s computer systems forcing hospital staff to resort to logging admissions with pen and paper. However, urgent medical services continued as usual as Hillel Yaffe switched to alternate systems.
Health Ministry cybersecurity chief Reuven Eliyahu said that the ransomware attack on Hillel Yaffe Hospital was likely carried out by Chinese hackers whose motives were “purely financial.”
“This is probably a Chinese hacker group that broke away from another group and started working in August,” Eliyahu said in an interview on Army Radio. “The motive for the attack was purely financial.”
According to Israeli news outlets, the attack was attributed to DeepBlueMagic, a new ransomware strain, discovered in August 2021, which can disable security tools implemented by organizations. According to researchers at Heimdal Security, who discovered this threat, once security tools are disabled, the ransomware is deployed and encrypts entire hard drives, except for the system drive. DeepBlueMagic also uses other tools to make the recovery of the drives impossible.