cognitive cybersecurity intelligence

News and Analysis


Daixin Team Takes Responsibility for Attacks on Canadian Hospitals, Begins Releasing Data

Well, I’ve got a bit of a cyber tale for you today, folks. You know the ruffles that have been happening within our healthcare and cybersecurity circles due to a notorious group known as the Daixin Team? Yep, those lads. Well, they’re back in the headlines again after five Canadian hospitals in Ontario experienced an unexpected cyber unwelcome. We’re talking about big names here: Windsor Regional Hospital, Hotel Dieu Grace, Erie Shores Healthcare, Hospice of Windsor-Essex, and the Chatham-Kent Health Alliance.

Poor things, they had to face a severe ransomware attack that royally knocked out the hospitals’ access to Wi-Fi, emails, and patient information systems. Not exactly the best timing, is it? There were even surgeries and appointments that had to be cancelled or rescheduled. It was all a right muddle. And to add to the pandemonium, they couldn’t even ring up the patients to inform them about the hoo-ha. Word has it, cancer patients had to be shuffled over from Windsor to other hospitals for their radiation treatment.

Now what happened, you ask? Well, they reckon that crucial patient and employee data had been pinched by our hood-dwinking friends, Daixin. The authorities were working at full tilt to restore the systems and keep everything under wraps. Except for one small hiccup, they fear that the stolen info might be leaked, and Daixin proudly claimed responsibility for it.

Here’s the kicker, they took more than 5.6 million records incorporating personally identifiable and health-related information. The haul even included 160GB of scanned documents directly from the internal servers. The icing on this sour cake is that Daixin even released a small taste of what’s in the pipeline on their dark web leak site—a disconcerting preview of the patient records and claims information to come.

And this plucky gang didn’t stop there. Apparently, they steamrollered through the extortion process; they went in for the kill, sabotaging the backups, and setting up a negotiation chat room. A bit of a Mexican standoff unfolded as the negotiator was given a taste of confidential files, a demonstration of Daixin’s decoding capacity.

The daft thing was the hospital staff were stubborn in negotiation and refused to pay up. Leaving Daixin with a cheeky smirk on their virtual face, holding potentially critical data, and even an allegation by them that they could have wrecked more havoc but showed restraint. I mean, they didn’t precisely earn any boy scout points, but yikes!

Of course, one question is stuck in my noggin: how in the name of the queen’s corgis did Daixin infiltrate the hospitals’ networks so smoothly? The mischievous crew of hackers said that the networks were as clear as daylight for them; they had an open ticket to waltz right in. Staggeringly (and rather amusingly), it might have been because the admins used the same passwords everywhere. I mean, folks, come on!

You’d imagine the cybersecurity landscape of a hospital had more fortifications. Yet, Daixin got cozy in the system for a fair few days without being spotted, claiming they still had access even after the hospital’s efforts to mop up. It makes you think, doesn’t it?

I guess we’re left debating if it’s worth engaging in the dangerous game of negotiating with hackers or whether we should just outright ban all ransom pay-outs. There’s also the dire need for cracking down on ransomware issues and formulating effective counter-strategies.

So, it’s been a bit of a lesson to us all. Stay vigilant, don’t recycle your passwords, and watch out for those pesky cyber punks causing chaos in our digital world. Remember, it’s not all doom and gloom—we can strengthen our defenses, learn from these incidents, and work tirelessly to protect our patients’ data. Cheers!

by Parker Bytes

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts