04 October 2019

IRM Weekly Cybersecurity Roundup: Hospital ransomware attacks and more

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter. 


US and Australia turn away patients due to hospital ransomware attacks

A multitude of hospital ransomware attacks have caused disruption in the US and Australia, forcing facilities to turn patients away.

hospital ransomware attacks

In total, ten hospitals have been targeted, seven in Victoria, Australia and three in Alabama. There is currently no indication that these attacks are linked.

The ransomware attacks paralysed the network computer systems, including financial systems. This caused the hospitals to enforce emergency procedures, switching to manual processes where possible.

The attack has also affected elective surgeries and outpatient care. Ambulance services have been instructed to take patients to non-affected hospitals where possible.

The amount of ransom being asked is currently unknown. You can read more here.


Cameras sold on Amazon could cause huge security risk

Security cameras recommended by Amazon could be targeted by hackers.

Why? It seems some of the cameras with an “Amazon choice tag” have weak passwords and unencrypted data. This makes them an easy target for cybercriminals to hijack the camera and spy on owners.

This came to light after certain Amazon reviews revealed instances where strangers were able to turn on the security camera and spy on the households.

A report has claimed 50,000 security cameras in the UK alone could be affected and around 2 million worldwide. You can read more here.


Twenty million Russian tax records exposed online

Security researchers discovered a database left open on an unsecured web server with over 20 million Russian tax records. The database was accessible to anyone with a web browser.

Russia data leka of 20 million

The database consisted of a cluster of random and publicly sourced data. Two of which contained tax and personally identifiable information of Russian citizens.

One database contained more than 14 million personal and tax records from 2010 to 2016, another included over 6 million from 2009-2015. Details included full names, addresses, passport numbers, phone numbers, tax IDs, tax amounts and more.

The data had not been encrypted and was exposed for more than a year. It is unknown if they were accessed by anyone before it was secured. You can read more here.


Quick-fire Updates:

Talk-talk hacker’s parents helped transfer Bitcoin: The parents of teenage TalkTalk hacker Elliot Gunton have been sentenced to jail after helping him transfer cryptocurrency. You can read more here.

WhatsApp GIFs could hijack your Android phone: A vulnerability in WhatsApp’s Android app has now been patched after being discovered three months ago. The vulnerability could have let remote hackers compromise the device and potentially steal files and messages through sending a GIF. You can read more here.

FBI recommends not paying ransomware demands: The FBI have issued advice to organisations to not pay ransom demands, explaining there is no guarantee hackers will unlock the encrypted data. You can read more here.


If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM. 

Are you looking to get into a career in cyber? Check out IRM’s job vacancies on our careers page or sign up to our careers newsletter for future roles.