National cybersecurity agency braced for further serious network intrusions

Israeli hospital cancels non-urgent procedures following ransomware attack against Hillel Yaffe Medical Center

Israel’s National Cyber Directorate (INCD) is urging organizations across the country to bolster their cyber defenses following a disruptive ransomware attack against a hospital in Israel’s northwest.

The Hillel Yaffe Medical Center, situated in the city of Hadera, cancelled non-urgent procedures as staff reportedly resorted to using pen and paper after IT systems were disabled by a cyber-attack yesterday (October 13).

Indicators of compromise

The INCD, which is assisting with the hospital’s post-incident investigation and recovery, has shared indicators of compromise (IOCs) in order to help hospitals and other organizations spot evidence of similar network intrusions.

Evidence of unusual activity should be reported to the INCD, it added.

Read more of the latest cyber-attack news and analysis

Organizations running outdated versions of email servers and virtual private networks (VPNs) have been advised to reset user passwords and update systems to the latest versions.

“The Hillel Yaffe Medical Center wishes to inform you about a totally unexpected ransomware cyber-attack which has attacked the hospital’s computer systems,” said the hospital in a statement on its website.

“The hospital is currently using alternative systems to treat its patients. Medical treatment is continuing as usual, aside from non-urgent elective procedures.”

Operational continuity

The Times of Israel has reported that the Health Ministry has sent a letter to hospitals across Israel advising them to print out patients’ medical files to ensure operational continuity in case of further attacks.

It also reports that hospital director Mickey Dudkiewicz said attackers had not yet requested a specific ransom amount, but that Health Ministry officials believe hackers were likely motivated by financial gain rather than geopolitical goals.

Israel suffered 2.5 times as many cyber-attacks as the global average in the first half of 2021, according to American-Israeli cybersecurity firm Check Point.

Many attacks against the country are attributed to attackers backed by Iran, including a ransomware attack against call center service company Voicenter last month, a cyber-attack that hit dozens of Israeli logistics companies in December 2020, and an attack targeting its water management systems in April 2020.

The Daily Swig has sent additional queries to the INCD, the Israeli Ministry of Health, and Hillel Yaffe Medical Center. We will update the article if and when we receive responses.

READ MORE Iranian cyber-threat groups make up for lack of technical sophistication with social engineering trickery