The website of Norfolk General Hospital, aCanadian hospital, has been hacked to serve up the notorious Teslacrypt ransomware to unsuspecting visitors.
Malicious code was injected directly into the site’s source code which redirected users to the Angler exploit kit, which in turn downloaded Teslacrypt ransomware.
The hospital investigated the attack with the external security experts and encrypted and restored its systems.
Source: https://grahamcluley.com/canadian-hospitals-website-hacked-serve-teslacrypt-ransomware/
TPRM report: https://www.rankiteo.com/company/norfolk-general-hospital
"id": "nor233319522",
"linkid": "norfolk-general-hospital",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Canada',
'name': 'Norfolk General Hospital',
'type': 'Hospital'}],
'attack_vector': 'Website Compromise',
'description': 'The website of Norfolk General Hospital, a Canadian hospital, '
'has been hacked to serve up the notorious Teslacrypt '
'ransomware to unsuspecting visitors. Malicious code was '
'injected directly into the site’s source code which '
'redirected users to the Angler exploit kit, which in turn '
'downloaded Teslacrypt ransomware. The hospital investigated '
'the attack with the external security experts and encrypted '
'and restored its systems.',
'impact': {'systems_affected': ['Website']},
'initial_access_broker': {'entry_point': 'Website'},
'motivation': 'Financial Gain',
'ransomware': {'ransomware_strain': 'Teslacrypt'},
'response': {'remediation_measures': ['Encrypted and restored systems'],
'third_party_assistance': 'External security experts'},
'title': 'Norfolk General Hospital Website Hacked to Distribute Teslacrypt '
'Ransomware',
'type': 'Ransomware'}