Repulsed Ransomware Attack on Irish Health Ministry

Not only was Ireland's healthcare system the target of a ransomware attack last week , the Irish Ministry of Health was also under attack. However, this last attack could be repulsed. The Irish National Cyber ​​Security Center ( NCSC ) reports this in a report ( pdf ).

Last Thursday, suspicious activity was observed on the ministry's network. Preliminary investigation pointed to the possible presence of Cobalt Strike Beacon. This is a remote access tool that attackers use to move laterally through an environment before ransomware is deployed.

Last Friday morning, Irish healthcare was attacked, causing all kinds of disruptions within hospitals. As a result of the attack, several systems were shut down and the health care system decided to shut down other systems as a precaution.

At around the same time, an attack on the Irish Department of Health network was also observed. A combination of available anti-virus software and the rollout of tools during the earlier investigation was able to stop the spread of the Conti ransomware. Ireland's health care system continues to struggle with the attack, which can cause patient appointments to be canceled or serious delays.

Previous Post Next Post