Thousands of patient files held to ransom in Hong Kong

By on
Thousands of patient files held to ransom in Hong Kong

SynoLocker flaw exploited.

Extortionists have encrypted data on more than 10,000 patients and various research projects at a Hong Kong hospital using a flaw in network attached storage maker Synology's software, and are demanding a ransom to return access.

The South China Morning Post reported that the Centre for Liver Health and Institute of Digestive Disease at the Prince of Wales Hospital had been hit by blackmailers who are demanding 0.6 Bitcoin (approximately A$372 presently) to decrypt the scrambled files.

Hong Police said the extortionists used the SynoLocker ransomware to encrypt the files on two servers.

Synolocker screenshot via Geekzone / Michael Murphy

A spokeswoman for the faculty said that while staff could no longer access the patient data as well as some research and teaching materials, it did not appear that information had been stolen.

The faculty has disconnected the servers from the network and has notified the Hong Kong privacy commissioner of the attack.

Synology has acknowledged the vulnerabilities in its DiskStation Manager software that the SynoLocker extortionists are exploiting, telling users to upgrade to the latest 5.0 version that has patched them.

"Based on our current observations, this issue only affects Synology NAS servers running some older versions of DSM (DSM 4.3-3810 or earlier), by exploiting a security vulnerability that was fixed and patched in December, 2013. At present, we have not observed this vulnerability in DSM 5.0."

- Synology statement 4 August 2014

Update 10:14am: A spokesperson for Synology told iTnews that SynoLocker encrypts user files and lock people out who don’t pay the extortion fee.

“So far, we have seen a number of people say they’ve paid the ransom, on Twitter,” the spokesperson said.

“The incentive [to pay the ransom] is equally appalling, apparently, if you don’t within a certain number of days, the ransom doubles,” the spokesperson added.

He reiterated that the vulnerability is preventable with software updates.

Users around the world are currently reporting SynoLocker attacks but it isn't clear if there is a way to decrypt the files without paying the ransom.

Synology suggests that victims who have had their files encrypted contact them on security@synology.com.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
ehealth encryption hong kong privacy ransomware security synolocker synology

Sponsored Whitepapers

Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM
Tomago Aluminium improves SAP environment performance, security with Red Hat and IBM
Future of work: Support your distributed HR workforce with digital document processes
Future of work: Support your distributed HR workforce with digital document processes
Develop a resiliency strategy that integrates risk analysis & continuity management
Develop a resiliency strategy that integrates risk analysis & continuity management
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
Optimise your operations with APM and AI-Powered insights
Optimise your operations with APM and AI-Powered insights

Events

Most Read Articles

Westpac replaces branch phone systems with iPhones, Teams Calling

Westpac replaces branch phone systems with iPhones, Teams Calling
Australia Post nears end of massive telco transformation

Australia Post nears end of massive telco transformation
Westpac loses its group head of data and advanced analytics

Westpac loses its group head of data and advanced analytics
NBN Co to charge free fibre recipients that don't stick with higher speed plans

NBN Co to charge free fibre recipients that don't stick with higher speed plans

Log In

Email:
Password:
  |  Forgot your password?