Several cyberattacks were prevented by the Health Ministry’s Cyber Security Center over the weekend, the Health Ministry said Sunday morning.
Some 627 cyberattacks per organization were observed in Israel’s health sector – 72% more than the average on previous weekends, Check Point said. This is also more than in any other sector, where there was an average of 267 attacks per organization and no significant increase, the cyber security firm noted.
Barzilai Medical Center in Ashkelon, which is run by former health ministry director-general Chezy Levy, was among the hospitals that were targeted, Levy told Ynet.
Check Point said that it believes one of the reasons for the increase is that hackers might think that, due to the successful attack against the Hillel Yaffe Medical Center in Hadera last week, that the Israeli health sector is not properly protected.
As the organization reported last week, the sector is being “significantly attacked” anyway.
Barzilai Medical Center (credit: Wikimedia Commons)
In fact, there has been a nearly 600% increase in the number of reports of ransomware attacks by Israel in the last 19 months – between January 2020 and September 2021 – according to a report published last week by the cybersecurity firm VirusTotal.
The “Ransomware Activity Report” reviewed 80 million ransomware samples from more than 130 different ransomware families targeting more than 140 countries.
A ransomware attack damages the information system by encrypting its files and denying an organization or user access to the file. This allows those responsible for the attack to demand a ransom in order to decrypt the files.
Israel topped the list of most targeted countries based on the number of submissions, followed by South Korea, Vietnam, China, Singapore, India, Kazakhstan, Philippines, Iran and the United Kingdom.
The report also showed that Windows accounts for 95% of the ransomware targets, compared to 2% for Android.
Last Wednesday, Hillel Yaffe was hit with a ransomware attack that targeted its computer systems and succeeded in penetrating its IT infrastructure.
The group of hackers who targeted the Hillel Yaffe was also responsible for a similar attack against a US hospital, where they asked for $10 million in ransom, Israeli media reported.
According to Ynet, the ransomware is known as DeepBlueMagic.
It was first identified by Danish security firm Heimdal, the US legal journal National Law Review reported in August.
This particular type of ransomware utilizes an innovative kind of encryption and is especially insidious because it manages to circumvent protection tools installed in the system to protect it.
While Hillel Yaffe has continued to work on alternate systems to receive and treat critical patients, as of Sunday, the hospital staff and the Health Ministry were still working on returning its IT systems to full function with additional protection.
At the same time, the ministry and the Cyber Security National Authority have been working on strengthening the level of protection in all of Israel’s health care organizations.