I noticed this last week:
Man Sentenced to 20 Years in Prison For NetWalker Ransomware Attacks
A Canadian man was sentenced to 20 years in prison for executing NetWalker ransomware attacks against healthcare organizations and other industries during the pandemic.
By Jill McKeon
October 07, 2022 - A Canadian man is facing 20 years in prison for his role in a variety of NetWalker ransomware attacks, including attacks against the healthcare sector during the COVID-19 pandemic. Sebastian Vachon-Desjardins, 35, of Gatineau, Quebec, was also ordered to forfeit $21.5 million.
“NetWalker ransomware has targeted dozens of victims all over the world, including companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities,” a Department of Justice (DOJ) press release stated.
“Attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.”
Previous reports indicate that NetWalker ransomware was behind a ransomware attack on the website of Champaign-Urbana Public Health District in Illinois in March 2020.
By July of the same year, the Federal Bureau of Investigation (FBI) issued a flash alert about the group as they continued to target US and foreign healthcare organizations, private companies, educational institutions, and governments.
For his role in the attacks, Vachon-Desjardins was arrested in Canada and extradited to the United States. Canadian authorities seized $742,840 in Canadian currency and 719 Bitcoin from Vachon-Desjardins’ home.
“The defendant identified and attacked high-value ransomware victims and profited from the chaos caused by encrypting and stealing the victims’ data,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division.
More here:
Does anyone know what the penalties in Australia are or even if we have a defined offence of a ransomware attack?
I suspect we would be a rather more lenient – even taking into account that there have been deaths linked causally to suck attacks.
See here:
Cybersecurity is a matter of life or death
This didn’t happen because of the resource shortages that have been plaguing Australia’s healthcare sector since the start of the pandemic. It also wasn’t down to a misdiagnosis or any fault in the care provided by staff.
It was because the hospital fell victim to a cyber-attack that took its IT systems down and prevented access to patients’ medical histories. In this case, the patient was unable to verbally communicate where he was experiencing pain, and doctors were helpless in preventing the spread of an infection.
Cyber-attacks against Australia’s healthcare organisations are becoming alarmingly commonplace. The majority of breaches reported to the Office of the Australian Information Commissioner (OAIC) last year were from the healthcare sector.
There have been numerous examples of these breaches recently, each one wreaking significant damage while the nation battled with the challenges of covid and extreme weather events.
More here:
https://wildhealth.net.au/cybersecurity-is-a-matter-of-life-or-death/
This sort of attack is no joke and our systems and laws need to be really ready!
David.
No comments:
Post a Comment