Home Virusfree Solutions Resources Customers and support Company Blog
Customer portal CZ Try Virusfree

The attack in Benešov was preceded by a triple cryptovirus activity

Systems in the Benesov hospital collapsed today. The reason was cryptovirus attack, which was preceded by increased attack activity.

December 11, 2019

You can read in all the Czech media today that the Benesov hospital has collapsed and all devices are offline. The network was harmed during the night by a cryptovirus that made all laboratory instruments inoperative.

This attack was preceded by an huge increase in cryptovirus activity in e-mails. We have seen 300% increase during night. An email campaign consisted of variety of false orders and invoices in English. Similar activity is recorded almost permanently, but not in such a high degree.

Common subjects from this campaign are:

  • PAYMENT CONFIRMATION
  • Urgent Quotation
  • CONTRACT TERMINATION
  • Boleto referente a taxa de R $ ....
  • NEXT SHIPMENT
  • Purchase Order # .......
  • DHL AWB DOC-INV
  • SOB ADVICE AGAINST
  • Letter of Intent ...

The campaign is very effective and bypasses common spam filters, because attackers do not use botnets (networks of infected computers), but actual user email accounts.

If user uses a weak password or the same password in another compromised service, the attackers is able to log in and send dangerous email messages from mailbox. Unfortunately, the entire databases of email login credentials can be easily purchased online.

The e-mail sent in this way comes with a valid SPF record, sometimes even with a valid DKIM. This means that from the spam filter's point of view, it is a message with all the essentials that reaches the victim's mailbox.

Unfortunately, our long-term experience suggests that the state of IT in some organizations that fall under critical infrastructure is deplorable in terms of security. We notice long-term lack of funding, non-conceptual management and personal need. The infrastructure is then not ready to resist these threats.

E-mail filtering in organizations is beaing boycott by users or management. They argue that they would rather weaken filtering to deliver all emails - including spam. This is as flawed as deliberately reducing the quality of your antivirus solution so that it doesn't accidentally bother users.

Read other articles

Resources you might find useful

Cyber security in local Government

Cybersecurity in local government is a growing concern for anyone interested in how digital technology is impacting our political system....

Cyber security in Healthcare

In recent years, the threat to digital healthcare systems has grown significantly. It is not isolated to a particular geographical region...

Spam emails

As our exposure to digital networks grows and the Internet of Things (IoT) expands to encompass more and more items in our everyday lives,...

Enhance cyber security Education

The education sector is one of the most common targets of cybercrime and, despite having been involved in numerous high-profile attacks, it...

Don't miss anything! Use our newsletter...

Company

Excello s.r.o

CRN: 27444899

VAT number: CZ27444899

Prague, Czechia

Contact

info@virusfree.cz support@virusfree.cz

Useful links

Customer portal Help
Home Virusfree Solutions Resources Customers and support Company Blog Free trial

This website uses first and third party cookies for advertising purposes. By clicking "Accept", you consent to the use of cookies. Read more about these cookies.

Decline Accept