Dublin's Coombe Hospital Hit by Ransomware Attack
The latest ransomware attack on the Coombe Hospital has added to the growing number of cyber attacks hitting organisations around the globe this week.
A separate incident involving a serious vulnerability (known as Log4Shell) in the widely used Apache Log4j logging utility has resulted in over 1.8 million attempts to exploit the vulnerability since it hit the public domain last week. If left unpatched, this exploit could be used by malicious actors to compromise machines over the internet, potentially putting millions of organisations at risk from a plethora of cyber attacks, including ransomware attacks.
On Thursday, the Coombe Hospital confirmed that they have been hit with a second attack on their systems. The first stemming from the Conti ransomware attack on the HSE, which occurred earlier this year.
Coombe Women & Infants University Hospital Ransomware Attack
The Dublin based Hospital has confirmed that they were hit with a ransomware attack last night. The attack is believed to be contained to several systems within the hospital and has not extended outside their network.
"We can confirm that the Coombe has been the subject of a cyberattack overnight. We wish to reassure all accessing our services that services are continuing as normal. We have locked down our IT systems on a precautionary basis & are working with the HSE to resolve this matter."— Coombe Women & Infants University Hospital (@CoombeHospital) December 16, 2021
The HSE and National Cyber Security Centre are currently working with the hospital to resolve the issues pertaining to the ransomware attack and, as a precaution, have disconnected the facility from the National Health Network in addition to locking down the hospitals IT, networks and systems.
Commenting on the attack, Minister of State Ossian Smyth noted that it had the hallmark signs of a ransomware attack but, “There hasn't been any note. In the previous attack on the HSE there was a ransomware note on every machine that was compromised.
He added, "That hasn't been the case here ... It's also not clear whether it is a human operated ransomware attack or if it was a self-replicating attack, which is much less serious."
The attack on Coombe comes only days after PwC published their report on the HSE cyber attack.
The HSE is operating on a frail IT estate that has lacked the investment over many years required to maintain a secure, resilient, modern IT infrastructure.
It does not possess the required cybersecurity capabilities to protect the operation of the health services and the data they process, from the cyber attacks that all organisations face today. It
does not have sufficient subject matter expertise, resources or appropriate security tooling to detect, prevent or respond to a cyber attack of this scale.
There were several missed opportunities to detect malicious activity, prior to the detonation phase of the ransomware.
How We Can Help
Having a proactive approach to cyber security is key to minimising your organisation's risk and reducing the overall impact a cyber attack could have on your organisation.
At Secora Consulting, we offer Configuration Reviews, Vulnerability Assessments and IT Health Checks that can identify vulnerabilities within your organisations IT assets to help protect you from unauthorised access and breaches.
We also offer tailored simulated phishing exercises to determine how effectively your organisation can identify incoming phishing attacks.
If you’re interested in this - or any of our other bespoke cyber security assessments, get in touch to find out more.
- The Anatomy of a Ransomware Attack
- Protecting Your Organisation From Social Engineering Attacks
- The Top 5 Cyber Security Risks for Remote Employees
All of Secora Consulting's assessments are tailored to our client's needs.
Using our experience, we can help you determine which services are right for you.