Cyber attacks affect Wertach clinics in Bavaria and London transport company

Contents

The IT systems of the Wertach clinics in Bobingen and Schwabmünchen have been paralyzed since the beginning of September. This was reported by the Augsburger Allgemeine newspaper, among others. According to the report, clinic operations have been severely restricted by the failure of the server systems and have been switched to an analog emergency structure. Planned operations have been canceled, and further cancellations could follow.

The cybercrime department in Augsburg has reportedly taken over the investigation and is working closely with the clinics' IT experts. It is still unclear whether the perpetrators are demanding a ransom or have stolen sensitive data. Initial measures to secure and analyze the data were initiated immediately. "According to an initial analysis, encryption of virtual servers in the hospital information system is affected by the attack on IT," the report states.

It is not possible to predict when regular operations will resume. Work is currently underway to restore the most important processes as quickly as possible – Information to patients, for example about canceled operations, is sent directly via the ward staff.

Data leak at US oil company

Following a cyber attack on the US gas and oil service provider Halliburton, one of the largest oil service providers in the world, the company confirms the security incident in a mandatory notification (Form 8-K) to the US Securities and Exchange Commission. The company assumes that unauthorized persons gained access to the company's information.

When the company learned of the incident, it immediately informed the law enforcement authorities and took systems offline as a precaution. This led to disruptions and restricted access to some of the applications. Investigations are currently underway, including into the extent of the data leak. According to Bleeping Computer, the gang Ransomhub is behind the attack.

Cyberattack on "Transport for London"

The London transport company Transport for London (TfL) has also been affected by a cybersecurity incident. So far, there are no indications that customer data has been leaked. The TfL services were not affected. Immediate measures have been taken to prevent further access to their systems. TfL says it is working closely with the relevant government authorities to investigate the incident.

Cybersecurity is a perennial issue

Time and again, cyberattacks occur as a result of which criminals demand a ransom, for example for a decryption key. They pay in the hope of being able to use the IT systems again or to prevent a data leak. Experts advise against paying ransoms. To be prepared for such incidents, they recommend a good back-up strategy in addition to up-to-date IT security standards. If victims pay a ransom, attackers often even demand another one – this is what happened at the US healthcare provider Change Healthcare. After at least two ransom payments, the company still had to inform its customers about a data outflow.

Recently, a study commissioned by the digital association Bitkom revealed that 60 percent of around 1,000 companies surveyed were victims of cyberattacks. Of these, 31 percent suffered damage as a result. Of the companies affected, 12 percent stated that they had responded to the financial demands of the perpetrators. Of the companies that were victims of ransomware attacks, 40 percent were able to recover their data themselves, while 10 percent received their data back from the perpetrators without paying a ransom. Only one percent of the affected companies stated that stolen data was published. However, 17 percent reported massive restrictions on business operations as a result of the attack.

Following such attacks, 54 percent of companies have tightened their security precautions. Nevertheless, according to the survey, 42% had not expected to fall victim to a ransomware attack. 18% of those affected called in a service provider for support after the attack. Only 21 percent of companies reported the attack to a law enforcement agency.

(mack)