Hong Kong’s Department of Health becomes the latest cyberattack victim
A recent article reported that Hong Kong’s Department of Health has become the latest victim of a cyberattack after three of its computers were hit by ransomware which left data inaccessible, prompting police to open a criminal investigation.
The targeted computers belonged to the department’s Infection Control Branch, Clinical Genetic Service, and Drug Office and were infiltrated in the two weeks since July 15.
A department spokeswoman stated that files stored on the computers were encrypted by ransomware, and an email address to contact for a decryption key was left behind, but no ransom was demanded.
The spokeswoman added that the computers did not contain any confidential personal information, and no data had been leaked.
There were also backup files available containing the same data as that encrypted.
In line with government guidelines, the department reported the incidents to the Office of the Government Chief Information Officer and police force.
A police source notified reporters that as a result of the cyberattack users could turn on the machines but could not gain access to some of the files encrypted.
He added that despite the lack of a request for ransom, law enforcement and authorities believe that the motive behind the attacks was a demand for money.
The source stated that a police investigation into the source of the cyberattacks is ongoing.
He hypothesised it was possible the computers were infected when their users browsed unsafe websites or opened hyperlinks or attachments in emails.
Recently, health care systems have increasingly become a target for hackers worldwide.
Some of the culprits have tried to sell the data they stole to parties who seek to use it for identity theft. Others have tried to extract ransom payments from hospitals locked out of patient data systems.
As reported earlier by OpenGovAsia, Singapore’s SingHealth database was the victim of a major data breach on 20 July 2018.
The attackers obtained the personal information of approximately 1.5 million Singaporeans with the attack being targeted at Singapore’s Prime Minister Lee Hsien Loong.
The data taken included patient names, NRIC numbers, addresses, gender particulars, race and dates of birth. Information on the outpatient dispensed medicines of about 160,000 of these patients were also exfiltrated. The records were not tampered with, i.e. no records were amended or deleted.
It was the city state’s biggest ever data breach and was labelled by Singapore’s authorities as being a “deliberate, targeted and well-planned” strike.
Hong Kong has also seen several major hacking cases in recent months. In April, the personal data of 380,000 Hong Kong Broadband Network customers, including details of more than 40,000 credit cards, were accessed without authorisation.
In January, computers at two local travel agencies – Goldjoy Holidays and Big Line Holiday – were hacked and their clients’ personal information held for ransom. Police later arrested a 30-year-old suspect.
In November, one of Hong Kong’s largest travel agencies revealed its customer database had also been hacked, putting at risk personal data such as ID card numbers and the credit card information of 200,000 customers.
The hackers demanded a seven-figure ransom, to be paid in bitcoin, but the firm did not comply and instead called the police, who later managed to decrypt the locked data.
In Hong Kong, the offence of blackmail carries a maximum penalty of 14 years in prison.
On Thursday (2 August 2018) law enforcement officials urged members of the public to be vigilant when using computers and to adopt more.
In addition to installing antivirus software, users should refrain from visiting or downloading any files from suspicious websites, and should not open suspicious emails, attachments or hyperlinks, officers said.
What’s a Rich Text element?
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
Static and dynamic content editing
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
How to customize formatting for each rich text
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.