KD Hospital in Gujarat was hit by a ransomware attack on May 13, 2023. The attack encrypted all of the hospital’s data, including patient records, CCTV footage, and software. The hackers demanded a ransom of $70,000 in bitcoins in exchange for decrypting the data.
According to a reliable hospital source, the online system of the hospital was temporarily affected, but manual operations were carried out during the server downtime. The servers are now back online, with an additional backup server in place. Healthcare services remained unaffected. The incident is being investigated by the National Forensic Sciences University (NFSU) and cybercrime police. An audit report is expected in a week to identify any system vulnerabilities and determine necessary IT infrastructure adjustments.
An FIR has been filed against the perpetrators under IPC sections 384 and 511, along with IT Act sections 43 and 66. The FIR was lodged based on a complaint from Kishor Gojiya, an IT official at the hospital. Gojiya received a call from the night supervisor, Mehulbhai Bhavsar, reporting the server outage. Upon investigation, it was discovered that an unidentified hackers’ group had launched a ransomware attack. Efforts were made to disconnect the affected servers and assess the extent of data damage. Crucial hospital and patient data were encrypted by the attackers.
Dr. Parth Desai, Chief Operating Officer of KD Hospital, was informed about the incident, and assistance was sought from NFSU in Gandhinagar. The NFSU team captured images of the encrypted server before a message appeared on a computer screen, instructing the hospital to contact the attackers via email (goodmorningfriend@onionmail.org) to retrieve the encrypted data. Subsequently, an email was received demanding a ransom of 70,000 USD in bitcoins. A subsequent email from the attackers suggested a potential reduction in the ransom amount.
The ransomware attack on KD Hospital is a reminder that no organization is immune to cyber crime. Healthcare organizations are particularly vulnerable to ransomware attacks because they store sensitive patient data.
There are a number of steps that healthcare organizations can take to protect themselves from ransomware attacks, including:
- Implementing strong cybersecurity measures, such as using multi-factor authentication and keeping software up to date.
- Having a robust backup and disaster recovery plan in place.
- Educating employees about cybersecurity risks.
By taking these steps, healthcare organizations can help to protect themselves from ransomware attacks and the disruption they can cause
KD Hospital in Gujarat was hit by a ransomware attack on May 13, 2023. The attack encrypted all of the hospital’s data, including patient records, CCTV footage, and software. The hackers demanded a ransom of $70,000 in bitcoins in exchange for decrypting the data.
According to a reliable hospital source, the online system of the hospital was temporarily affected, but manual operations were carried out during the server downtime. The servers are now back online, with an additional backup server in place. Healthcare services remained unaffected. The incident is being investigated by the National Forensic Sciences University (NFSU) and cybercrime police. An audit report is expected in a week to identify any system vulnerabilities and determine necessary IT infrastructure adjustments.
An FIR has been filed against the perpetrators under IPC sections 384 and 511, along with IT Act sections 43 and 66. The FIR was lodged based on a complaint from Kishor Gojiya, an IT official at the hospital. Gojiya received a call from the night supervisor, Mehulbhai Bhavsar, reporting the server outage. Upon investigation, it was discovered that an unidentified hackers’ group had launched a ransomware attack. Efforts were made to disconnect the affected servers and assess the extent of data damage. Crucial hospital and patient data were encrypted by the attackers.
Dr. Parth Desai, Chief Operating Officer of KD Hospital, was informed about the incident, and assistance was sought from NFSU in Gandhinagar. The NFSU team captured images of the encrypted server before a message appeared on a computer screen, instructing the hospital to contact the attackers via email (goodmorningfriend@onionmail.org) to retrieve the encrypted data. Subsequently, an email was received demanding a ransom of 70,000 USD in bitcoins. A subsequent email from the attackers suggested a potential reduction in the ransom amount.
The ransomware attack on KD Hospital is a reminder that no organization is immune to cyber crime. Healthcare organizations are particularly vulnerable to ransomware attacks because they store sensitive patient data.
There are a number of steps that healthcare organizations can take to protect themselves from ransomware attacks, including:
- Implementing strong cybersecurity measures, such as using multi-factor authentication and keeping software up to date.
- Having a robust backup and disaster recovery plan in place.
- Educating employees about cybersecurity risks.
By taking these steps, healthcare organizations can help to protect themselves from ransomware attacks and the disruption they can cause