Over a hundred Romanian hospitals affected by ransomware attack

Cyber Security, News

  • 20 February 2024
Over a hundred Romanian hospitals affected by ransomware attack
Jordan Sollof
November 24, 2021

Over a hundred healthcare facilities in Romania were hit by a ransomware attack last week, with some hospitals left with no choice but to take their systems offline and use pen and paper.

The cyber criminals demanded 3.5 Bitcoin, worth over £130,000, to unlock important files that they had encrypted. However, Romanian cyber officials confirmed that data had recently been backed up, minimising the impact.

The Romanian Ministry of Health released a statement last Monday night following the attack, confirming: “During the night of February 11 to 12, 2024, a massive cyber ransomware attack took place on the production servers on which the HIS IT system runs. As a result of the attack, the system is down, files and databases are encrypted.”

The incident was under investigation by IT specialists, including cyber security experts from the National Cyber Security Directorate (DNSC), the ministry stated.

The DNSC said 25 hospitals were affected by the attack, with The Pitesti Paediatric Hospital hit first, which has since prompted 79 other healthcare organisations to be taken offline while investigations were carried out to find out if they had been affected.

The latest update from the DNSC came on Friday 16 February, where instructions were provided to all health entities, regardless of whether or not they have been affected by the ‘Backmydata’ ransomware attack, for the use of DNSC-YARA scan script, which scans and detects malware files.

The impact on patients is expected to be significant, as dozens of hospitals have switched off internet connected devices as a precaution, which could affect booking, records and machines such as MRI scanners.

Gerasim Hovhannisyan, CEO and co-founder of cyber security company EasyDMARC, said: ““As Romanian healthcare workers move towards pen and paper in the wake of the recent ransomware attack, we’re reminded of the importance of a detailed incidence response plan for all organisations, especially those that fall under the category of critical infrastructure.”

“As networks and systems become increasingly connected, operating more and more online, disruptions to the likes of hospitals and ambulance services can jeopardise patient care and safety. As a result, cyber-attacks shouldn’t be treated as a possibility, but a certainty, and a plan detailing how to operate without access to IT systems should be in place.”

This is one of the largest national level disruptions to a European healthcare system since the ransomware attack in the Republic of Ireland in 2021.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

Flow Neuroscience trials drug-free depression treatment for NHS clinicians

Next News

Digital Health Coffee Time Briefing ☕

Related News

Digital Health Unplugged: 2024 Year in Review
Podcast December 12, 2024

Digital Health Unplugged: 2024 Year in Review

In the final Unplugged of the year, the Digital Health news team reflect on the biggest stories covered in 2024 and look ahead to 2025.
Two more Liverpool hospitals impacted by Alder Hey cyber attack
News December 5, 2024

Two more Liverpool hospitals impacted by Alder Hey cyber attack

Alder Hey Children's NHS Foundation Trust has announced that the cyber attack it suffered last week has impacted two more hospitals.
Synnovis staff to strike following ‘alarming impact’ of cyber attack
News December 5, 2024

Synnovis staff to strike following ‘alarming impact’ of cyber attack

Staff working for NHS pathology provider Synnovis have announced plans to strike for five days, following a major cyber attack in June 2024.