This Hanukkah Give the Gift of Truth

The Media Line led twenty years ago in pioneering the American independent news agency in the Middle East, arguably the first in the region. We have always stayed true to our mission: to provide you with contextual sourced and trustworthy news. In an age of fake news masquerading as journalism, The Media Line plays a crucial role in providing fact-based news that deserves your support.

We're proud of the dozens of young students we've trained in our Press and Policy Student Program who will form the vanguard of the next generation of journalists to the benefit of countless millions of news readers.

Non-profit news needs public support. Please support us with your generous contributions:
Donate
We thank our loyal readers and wish you all the happiest of holidays
The Media Line
DeepBlueMagic Hackers Behind Hospital Attacks Are an ‘Emerging Threat’: Experts (with VIDEO)
Matan Rudis, head of the Threat Intelligence Group at SentinelOne, Oct. 19, 2021. (Maya Margit)

DeepBlueMagic Hackers Behind Hospital Attacks Are an ‘Emerging Threat’: Experts (with VIDEO)

Little is known about the new ransomware that paralyzed Israeli hospital’s computer systems; the health care sector is particularly vulnerable to cybercrime

Who or what is DeepBlueMagic, and how did it manage to shut down the computer systems of a major Israeli hospital? 

The entire network of Hillel Yaffe Medical Center in central Israel has been paralyzed after the hospital fell victim to a massive cyberattack last week. 

Experts believe that a mysterious group of criminals working out of China used a new ransomware known as DeepBlueMagic to carry out the attack – the largest ever launched on the Israeli health sector. 

While the attack was likely financially motivated and not state-sponsored, very little is known about the group of hackers or DeepBlueMagic, according to SentinelOne, a leading Israeli cybersecurity company that specializes in endpoint detection and response.

“It wasn’t seen before very widely in our region,” Matan Rudis, head of the Threat Intelligence Group at SentinelOne, explained to The Media Line. “Researchers attribute it to Chinese activity. It doesn’t mean that it’s a government activity of course; it could be completely criminal.”  

Matan Rudis, head of the Threat Intelligence Group at SentinelOne, Oct. 19, 2021. (Maya Margit)

Ever since the attacks, Hillel Yaffe Medical Center has been unable to access patient files or update data. Experts estimate that it could take months for the hospital to get its computer systems fully back online. 

Rudis believes that DeepBlueMagic will continue to make headlines.

“For many researchers, it was the first time we heard about this activity,” he said. “It has been a bit more active in the past few months so we can call it an emerging threat. It will probably get much more attention very soon.” 

Earlier this week, Israel’s Health Ministry said it had noticed a dramatic increase in the number of attempted cyberattacks on the Israeli health care industry, with at least nine hospitals and organizations across the country being targeted in a matter of days.

The health sector overall has been a prime target for cybercriminals even since the start of the COVID-19 pandemic.

In fact, it suffers from twice as many attacks as any other industry. 

“Hospitals are usually large organizations and the larger the organization is, the bigger the attack surface becomes,” Rudis explained. “That means that there are opportunities for the attacker to try to penetrate into the network just because it has more features in it and more services.” 

At the moment, ransomware attacks are the most common type of cyber threat faced by hospitals. The goal of such attacks is first and foremost extortion: Cybercriminals infiltrate a computer system and block access to critical files and data, demanding that organizations pay a ransom to restore the system to its previous condition.

However, it is not only hospitals that are riding a wave of cybercrime. 

The move to remote work environments as a result of the pandemic has created major challenges for cybersecurity across the board.

“What we’ve seen is a huge increase in cyberattacks, especially on critical infrastructure like hospitals,” Yevgeny Dibrov, CEO and co-founder of Armis Security, told The Media Line.

Armis Security, a company that protects more than one billion devices worldwide, was founded in Israel in 2015 and is currently headquartered in Palo Alto, California.

“When there is more of a remote workforce, more digital transformation and more connected [devices] in the environment – then there are more cyberattacks,” Dibrov said.

In hospitals, improperly secured medical devices are particularly vulnerable to such threats.

Also known as medical IoT (Internet-of-Things) devices, this equipment often transmits sensitive patient data and includes applications such as insulin pumps, wearable health trackers, blood glucose monitors, asthma inhalers, diagnostic machines and even pacemakers.

“If you look at an MRI machine it’s basically like a computer running [old] Windows XP, which is super vulnerable,” Dibrov affirmed. “There’s no real protection for it so attackers are looking for the weakest link.” 

For his part, Matan Rudis of SentinelOne argues that health care organizations need to take greater steps to ensure that their networks – and their patients – remain safe. 

“Ransomware is definitely going to be a serious threat also in the next few years,” he said. “The more we share about incidents and the activity that we see – and the insights that we have from campaigns – the better the entire security community can prepare counter-measures and prevent or minimize the risks of similar events in the future.”

Did you know we’re celebrating our 20th Anniversary as the 1st American News Agency exclusively covering the Middle East?

  • The Middle East landscape is changing rapidly.
  • The roads in the region open to new possibilities.
  • The Media Line continues to pave the way to a far greater understanding of the region’s land, people, policies and governments through our trusted, fact-based news.

We’re an independent, ad-free, non-profit news agency and rely on friends like you!

Please make your gift today.
Thank you!

We paved the way to be the Trusted Mid East News you can rely on!

We’re an independent, ad-free, non-profit news agency and rely on friends like you!

Invest in the
Trusted Mideast
News source.
We are on the
front lines.

Personalize Your News
Upgrade your experience by choosing the categories that matter most to you.
Click on the icon to add the category to your Personalize news
Browse Categories and Topics
Wake up to the Trusted Mideast News source Mideast Daily News Email
By subscribing, you agree to The Media Line terms of use and privacy policy.
Wake up to the Trusted Mideast News source Mideast Daily News Email
By subscribing, you agree to The Media Line terms of use and privacy policy.