2/21/2019 EXCLUSIVE Latest & Breaking News Melbourne, Victoria | The Age NATIONAL VICTORIA HEALTH nhom Crime syndicate hacks 15,000 medical files at Cabrini Hospital, demands ransom tien chuoc By Cameron Houston and Anthony Colangelo February 20, 2019 — 11.45pm lam roi, xao tron A cyber crime syndicate has hacked and scrambled the medical files of about 15,000 patients from a specialist cardiology unit at Cabrini Hospital and demanded a ransom. The attack is now the subject of a joint investigation by Commonwealth security agencies. Melbourne Heart Group, which is based at the private hospital in Malvern, has been unable to access some patient files for more than three weeks, after the malware attack crippled its server and corrupted data. lam hong The malware used to penetrate the unit's security network is believed to be from North Korea or Russia, while the origin of the criminals behind the attack has not been revealed. The online gang responsible for the data breach demanded a ransom be paid in cryptocurrency before a password would be provided to break the encryption. The Age understands that a payment was made, but some of the scrambled files have not been recovered, among them patients' personal details and sensitive medical records that could be used for identity theft. Some patients were told that their files had been lost but were not given any explanation. Others have turned up for appointments for which the hospital had no record. The Australian Cyber Security Centre, which is part of the Australian Signals Directorate – the government agency responsible for Australia's cyber warfare and information security – said it was assisting the hospital with cyber security advice. The Australian Federal Police has also been briefed. A Melbourne Heart Group spokeswoman said it was working with government agencies to resolve the issue. https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html 1/4 2/21/2019 Latest & Breaking News Melbourne, Victoria | The Age "The protection of personal patient information is of the utmost importance ... patient privacy has not been compromised in this instance," the spokeswoman said. She also stressed there was no link between the encypted data and any function relating to cardiac implantable electrical devices, such as pacemakers and defibrillators. The spokewoman would not say how many files had been affected or whether a ransom had been paid. The latest hack is expected to fuel calls for the federal government to reinforce the nation's cyber defences, particularly email security. thua nhan This week, the Morrison government conceded federal parliament and major political parties' security systems had been compromised by what was believed to be a state-based cyber attack. lam ton thuong, lam hai, dan xep, thoa hiep Professor Matt Warren, deputy director of Deakin University’s Centre for Cyber Security Research, said the data breach at Melbourne Heart Group was most likely a “ransomware” attack. tinh co Someone, probably a staff member, using the hospital’s software could have inadvertently opened a corrupted link on a phishing email allowing ransomware, a form of malware, into the hospital’s system, Professor Warren said. From there, the attackers encrypt sensitive information from hospital servers, essentially locking it away from access by medical staff. “Then they say to the hospital ‘you must pay us to get your data back’,” Professor Warren said. “It’s sophisticated in that you have to get the malware onto the hospital system, but once you have done that then it is relatively easy. https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html 2/4 2/21/2019 Latest & Breaking News Melbourne, Victoria | The Age “Other than the cost it isn’t hard to be protected from this … organisations need to update and patch their security and systems regularly because the problem you have is the hackers' capabilities are becoming more sophisticated.” These types of breaches stem from the worldwide “WannaCry” ransomware attack in May 2017. One of the largest hit by this attack was Britain’s National Health Service, where it was estimated up to 70,000 hospital devices in England and Scotland were impacted. Non-critical emergencies and some ambulances were turned away from hospitals hit by the attack, operations were cancelled and accident and emergency centres were closed. The healthcare sector has become a preferred target for many online criminals after the Hollywood Presbyterian Hospital in Los Angeles revealed it paid $17,000 in bitcoin to hackers who had seized control of its computer network. And the massive hack of US health insurance giant Anthem in 2015 – when the personal information of more than 79 million Americans was exposed – further identified the sector's vulnerability to data breaches and potential for identity theft. Cameron Houston Senior Crime Reporter Anthony Colangelo Anthony is a reporter at The Age https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html 3/4 2/21/2019 Latest & Breaking News Melbourne, Victoria | The Age https://www.theage.com.au/national/victoria/crime-syndicate-hacks-15-000-medical-files-at-cabrini-hospital-demands-ransom-20190220-p50z3c.html 4/4