Security Market Segment LS
Saturday, 09 October 2021 06:38

Macquarie Health Corporation hit by Windows Hive ransomware Featured

By
Macquarie Health Corporation hit by Windows Hive ransomware Image by Rajesh Balouria from Pixabay

Macquarie Health Corporation has announced that it has suffered what it describes as a "cyber incident", that has led to it taking its IT systems offline "as a precaution".

iTWire understands the "cyber incident" is a ransomware attack, in this case by a group known as Hive or HiveLeaks that attacks systems running Microsoft's Windows operating system.

Researchers from infosec firm SentinelLabs describe Hive as a double-extortion ransomware group — "making their money off of a two-pronged attack: exfiltrating sensitive data before locking up the victims’ systems" — that first made its presence known in June this year.

Jim Walter and Juan Andres Guerrero-Saade said in a blog post about Hive in August: "The group is notable in its undiscerning choice of targets, having no limits when it comes to healthcare providers and hospitals, as evidenced in a recent attack on Memorial Health System hospitals in Ohio.

"Hive ransomware is written in Go to take advantage of the language’s concurrency features to encrypt files faster. Hive remains active with as many as 30 victim companies listed on its Hive Leaks onion site at the time of writing."

And they added: "While many active ransomware groups have committed to forgoing attacks on medical targets in deference to the current global situation, Hive is not one of them.

"On 15 August, news broke of a Hive campaign against Memorial Health System, an Ohio healthcare provider. As a result, the hospital was forced to advise some patients to seek treatment at separate facilities."

On its website on the dark web, the attackers claimed to have pilfered 225GB of data from Macquarie Health Corporation during the attack. 

The attackers claimed the exfiltrated data included medical records, research and personal data of 6717 people, financial documents, bank balances and tax deductions among others.

In a statement, dated Thursday, Macquarie Health Corporation said: "The incident has not impacted our ability to deliver patient care. As always, we remain committed to the ongoing delivery of clinical services to our patients.

"We apologise for any inconvenience this disruption may cause and thank our staff, patients, and clinicians for their patience during this situation. We will keep you informed through further updates."

Macquarie Health was set up in 1973 by Dr Thomas Wenkart in Sydney, according to information at the company's website.

It has 12 hospitals which provide surgical procedures, rehabilitation and mental health clinics, skin imaging and dermascopy, medical systems; cosmetic procedures, e-health informatics and data solutions.

The companies under its banner are Macquarie Hospital Services, MacRehab, Macquarie Medical Systems, Derma Medical and Machealth eSolutions.

Contacted for comment, Brett Callow, a seasoned ransomware threat researcher from the New Zealand-headquartered security shop Emsisoft, said: "Hive's victims include multiple public sector organisations, including organisations in the healthcare and education sectors.

"It's also a particularly problematic ransomware from a recovery perspective. Hive has an absurd crypto scheme that makes restoration even more time-consuming that usual, with sloppy coding making data loss a real possibility."


Subscribe to ITWIRE UPDATE Newsletter here

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinatrs and campaigns and assassistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments