Image via Google Street View
The Brno University Hospital in the city of Brno, Czech Republic, has been hit by a cyberattack right in the middle of a COVID-19 outbreak that is picking up steam in the small central European country.
Hospital officials have not revealed the nature of the security breach; however, the incident was deemed severe enough to postpone urgent surgical interventions, and re-route new acute patients to nearby St. Anne’s University Hospital, local media reported [1, 2, 3, 4].
The hospital was forced to shut down its entire IT network during the incident, and two other of the hospital’s branches, the Children’s Hospital and the Maternity Hospital, were also impacted.
The infection took root at around 5 a.m. in the morning, local time, Peter Gramatik, a patient in the hospital at the time, and a security researcher with Sucuri told ZDNet via email today.
“The hospital public announcement system started to repeat the message that all personnel should immediately shut down all computers due to ‘cybernetic security’,” Gramatik told us.
“This message was repeated like every 30 minutes.
“Around 8 a.m. there was another public announcement that all the surgeries are cancelled,” Gramatik said, who was then sent home.
Following the incident’s onset, teams from the Czech National Cyber Security Center (NCSC), Czech police (NCOZ) and hospital’s IT staff are now working together on-site to recover the hospital’s IT network.
Hospital is a COVID-19 testing center
The incident is considered a severe one and treated with the utmost urgency because the Brno University Hospital is one of the Czech Republic’s biggest COVID-19 testing laboratories.
By the time of publishing, it remained unclear if the hospital’s coronavirus testing capability was impacted, even temporarily, by the cyber-attack.
According to the latest statistics, there have been 117 infections confirmed in the Czech Republic, as the extremely viral disease appears to be just getting started spreading inside the small country, and the hospital’s full testing capabilities are sorely needed right now.
Unfortunately, despite the global COVID-19 outbreak, hackers have not eased operations, not regular cybercriminals and not advanced state-sponsored groups.
Earlier this week, the Champaign-Urbana Public Health District systems were hit by ransomware; however, the institution was not handling COVID-19 testing, as the Brno hospital was.
I really hope that bad guys step back in the coming weeks and do not attack & encrypted hospitals with ransomware#coronavirus
— abuse.ch (@abuse_ch) March 13, 2020
“At times of crisis, hackers see opportunity,” Flavius Plesu, founder and CEO of human risk intelligence firm OutThink, told ZDNet today. “At times of increased risk, security teams must be extra vigilant and understand that the risk of a cyberattack is much higher than usual as hackers try to take advantage of tired, overstretched staff that potentially have their guards down.”