CHwapi Hospital Suffers a Ransomware Attack

CHwapi Hospital Suffers a Ransomware Attack

On Sunday night, the CHwapi hospital in Belgium witnessed a cyberattack that incited the facility to divert emergency patients to different emergency hospitals and defer surgeries.  As per the attackers, they utilized Windows BitLocker to encrypt 40 workers and 100TB of information. In the wake of encrypting devices, the attackers state they left ransom notes named ransom.txt on the domain controllers and backup servers. 

"We attack chwapi hospital in Belgium 2 days ago. and set up a ransom note on servers. but the IT management team not give this information to hospital management. hospital management makes a press release and said there is no ransom note, but this is a lie. something is going on," the attackers wrote in an email. Rather than utilizing conventional ransomware, this group utilizes off-the-shelf software, for example, Windows BitLocker and DiskCryptor to encrypt documents and lock admittance to the disk partitions with a password. The attackers revealed that they don't encrypt each gadget on the network and only target servers holding a lot of records, for example, file servers and backup servers.

As reported by local media group L'Avenir, 80 of the hospital centers' 300 servers were affected by the attack, constraining staff and nurses to surrender computerized entries and turn to pen and paper for patient assessments. Patient information was not compromised, as per CHwapi. 

To communicate with the victims, this hacking group makes ransom notes containing a Bitmessage ID that can be utilized to negotiate a ransom. This group states that they are not part of a Ransomware-as-a-Service (RaaS) and do not steal or leak information. Some ransomware groups have expressed that they will try not to enc ..

Support the originator by clicking the read the rest link below.