No data stolen in Victoria hospital attack

A forensic investigation of the recent cyber attack on some Victorian regional hospitals and health services has uncovered no evidence that any patient data has been stolen.

The ransomware attack on hospitals and health services in Gippsland and Southwest Victoria on 30 September began with a phishing email sent to a hospital employee, the investigation found.

The email was used to implant a virus onto the hospital’s computer network allowing the attackers to gain unauthorised access.

Once inside, the attackers spread their virus across the network, leading to the ransomware infection of some servers controlling important clinical, medical and corporate systems.

Staff were able to contain the spread of the malware to just a portion of the hospital’s network.

While the attack bears all the hallmarks of a financially motivated ransomware attack, the state government has to date received no specific ransom demand, according to the Department of Premier and Cabinet.

Regardless, the state has no intention of paying any ransom to the cybercriminals, the department said in a statement.

“This incident provides a useful reminder about the importance of cyber security. Despite the many protections put in place by the hospitals to protect their computer networks, cyber criminals worked hard to get inside,” the statement reads.

“Cyber security is a business risk that all organisations must act on.”

Image credit: ©iStockphoto.com/Factoria Singular