Four hospitals in Romania have been affected by the BadRabbit 4 ransomware, the Romanian Intelligence Service (SRI) announced. One of the hospitals is the Victor Babeş Infectious Diseases Hospital in Bucharest. The other hospitals are located in Huşi, Dorohoi and Cărbuneşti.
A team of the Cyberint National Center was sent to the Bucharest hospital to assess the situation.
“The preliminary analysis shows that installing a recognized antivirus product is enough to stop the ransomware. Most probably, this was based on social engineering (fooling the user), and not on exploiting a vulnerability of the system. The ransomware is not a complex one and can be detected by any antivirus product,” SRI said.
The activity of the hospitals was made more difficult by the cyberattack but patients should not be scared since the issue does not affect individuals, health minister Sorina Pintea said, quoted by Mediafax. The attacks made activities such as admissions, discharges, or issuing of receipts more difficult, the minister explained.
The minister also said the system of the National Health Insurance House (CNAS) was not affected.
“Besides the shared IT system, every hospital has its own IT system which manages the data of the respective institution. Theoretically, the IT system of every hospital should have round-the-clock maintenance but there is no compulsory system that needs to be used,” she explained.
The minister recalled similar incidents in the past, where hospitals lost their data, which needed to be recovered, at times for a fee. One such case was the Huşi hospital, which lost all documents concerning their admitted patients, the minister said. Another incident happened in 2017, when a cyberattack targeted the hospital in Sighetul Marmaţiei. Then, the hackers asked for EUR 10,000 to release the data.