Heading into the holiday season, the wave of cyber-attacks across industries is not slowing down. This week we are seeing a wave of new ransomware and supply-chain attacks. Let’s dive into some of the most noticeable attacks and events in the cyber domain this week.
Here are some of the most notable cybersecurity news from the week:
Ransomware cripples Japan’s healthcare sector
A ransomware attack halted outpatient care and non-emergency surgeries at a major Japanese hospital for a second day straight. Government-affiliated Osaka Acute and General Medical Center disclosed on Monday that a ransomware attack on its electronic medical records system made normal caregiving impossible. The hospital is a major medical hub in the Osaka prefecture with 865 beds.
Hospital officials told reporters that the attack occurred on Monday at around 7 a.m. and that they’ve received a ransom demand for an undisclosed amount of Bitcoin, reported state-owned NKH World. The staff had to switch to paper medical records that day, in order to accommodate the patient’s needs.
Non-emergency services remain inoperable with no foreseeable prospect for recovery, states a Wednesday hospital bulletin. The hospital is a designated advanced emergency medical service centre and one of the largest cancer hospitals in the region.
Ransomware attacks in Japan have seen an 87% increase in the first half of 2022 alone, a report from the National Police Agency of Japan says. A total of 114 “damaging” ransomware attacks were recorded during this time.
Vodafone Italy suffered a third-party breach
Vodafone Italia is sending customers notices of a data breach, informing them that one of its commercial partners who operate as a reseller of telecommunications services in the country, has suffered a cyberattack.
According to the notice, the cyberattack took place in the first week of September and resulted in the compromise of sensitive subscriber details. Vodafone Italia urges the recipients of the notifications to remain vigilant against incoming communications, as the risk of being targeted by phishing actors and scammers has now increased.
EU faces critical challenges in rolling out its new digital identity system
According to multiple reports in France, the EU is moving closer to rolling out a continent-wide digital identity system, but it still faces technical and legislative hurdles. This digital identity system comes in response to the shift to digital-centric life during the pandemic and the need for a universal way to verify identities online.
While this system must meet privacy and data protection requirements, industry groups and digital rights advocates have spoken out against this initiative. In particular, browser providers, like Google and Mozilla, argue that the additional trust certificates proposed in the mandate are less secure than current website authentication methods and would require extensive web infrastructure work to accommodate these changes.