Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Integrity360 - Irish Health Service - Ransomware Attack

May 2021 by Patrick Wragg, Cyber Incident Response Manager, Integrity360

In light of the news that Ireland’s health service has temporarily shut down its IT system after what it described as a "significant ransomware attack", please find comment on the story below from Integrity360. The comment from Patrick Wragg, Cyber Incident Response Manager, Integrity360:

"The ransomware variant is reported to resemble “Conti”. This is a ransomware tool that has been in operation since at least December 2019 and is believed to be derived from the “Ryuk” ransomware variant. Conti is often deployed using the “TrickBot” infrastructure. Conti is designed to be operated by the attacker, rather than via an automated process, and it contains unique features that allow a more targeted and quicker attack. Conti’s ransomware operations have targeted a wide variety of sectors globally, which include construction, manufacturing, and retail.

We would recommend that businesses increase vigilance of their environment, ensuring firewalls, IDS/IPS and AV solutions are monitored for any malicious activity; servers and applications are patched and consideration is given to disabling external RDP functionality or SMB."




See previous articles

    

See next articles