Massive cyber attack on Romanian hospitals

DIICOT is investigating the cyber attack that affected the activity of several hospitals in Bucharest and other parts of the country.

Mihai Pelin, 14.02.2024, 13:50

A number of hospitals in the capital Bucharest and other parts of Romania have recently been attacked by hackers. The first affected was the Pediatric Hospital in Pitesti (south), the target of a cyber attack as of Saturday. Across Romania, hundreds of patients who needed hospitalization had to wait because of the attack on the Hippocrates computer system, a software used for the management of the medical activity, of internal resources and accounting. The Directorate for the Investigation of Organised Crime and terrorism (DIICOT) is investigating the cyber attack of the last few days that disrupted the activity of medical units. In rem investigations are conducted in this case, for illegal access to a system, disruptions in the functioning of computer systems and illegal operations with computer programs or devices. The investigations were triggered following the notification of two commercial companies that provide maintenance services.

The National Directorate for Cyber Security (DNSC) which collaborates with the Romanian Intelligence Service (SRI) to regain the functionality of these systems, announced that there is no indication that patients’ personal data have been compromised. Problems were reported at 25 public and private medical units across Romania.

The Minister of Health, Alexandru Rafila, said that some of the affected hospitals managed to fix their problems, and the relevant institutions will develop a new technical standard aimed at preventing such actions that destabilize the medical system. He explained that the data transmission activity was blocked and dozens of hospitals were disconnected so that the consequences of the attack should not spread and possible data leaks are less likely.

In turn, the health and national security policies expert, Ioana Stăncel, says that the systems of several public institutions in Romania are currently being tested by attackers. She explained that, in the case of hospitals, it is worrying that personal data, especially medical data, are at risk. In her opinion, the responsibility for preventing such incidents rests with all the institutions involved and the stake is huge, as confidential data are threatened. Ioana Stăncel: I think those who carried out this cyber attack are testing the system. Other public institutions were also tested. What worries me is that once these blockages have occurred, personal data and especially medical data are at risk and I am concerned that there was no concern for the security of this data on the part of those who own it.

The cyber attack was not claimed, but the perpetrators sent a message demanding a ransom in crypto currency. The cyber-attacked healthcare facilities have been advised by both the DNSC and other cyber security authorities involved in the investigation of this incident, not to get in touch with the attackers.