Deakin Medical Centre Targeted by Global Ransomware Attack

The Deakin Medical Centre, located in Mildura, Victoria, has become the latest victim of the cybersecurity threat posed by the Global ransomware group. This incursion highlights ongoing vulnerabilities within Australian healthcare providers.

Recent Attack Overview

On June 10, the Global ransomware group publicly listed Deakin Medical Centre on its darknet site, which is notorious for leaked data. Investigations indicate that the leaked information includes a variety of sensitive patient data, ranging from healthcare assessments to detailed medical plans.

Nature of the Breach

Preliminary findings from Cyber Daily have revealed substantial intrusions. The published files reportedly contain a comprehensive list of patient records, including healthcare plans and their associated medical practitioners. Alarmingly, the breach also exposes the cervical screening results for numerous women, alongside psychiatric assessments, discharge summaries, and vaccination records.

As of now, the Deakin Medical Centre has not issued a statement in response to these findings, leaving many questions regarding the extent and implications of the breach unanswered.

Context of the Attacks

The Deakin Medical Centre is not alone in facing such threats. Just prior to its breach, two other healthcare institutions in Victoria—Ascot Vale Health Group and Epworth Healthcare—were similarly targeted. The Ascot Vale facility was listed on the Global leak site on June 7, while Epworth’s data was publicly released on June 2.

Since its initiation of attacks on June 2, the Global group has reportedly added 15 victims to their list, reflecting a troubling trend for healthcare providers in the region.

Unpacking the Ransomware Group’s Strategy

Though little is known about the Global group itself, its tactics suggest a strategic evolution towards establishing a ransomware-as-a-service (RaaS) model. Their darknet leak site features promotional materials indicating plans for future operations that would offer lucrative affiliate opportunities. The video outlines a commitment to provide ongoing support, regular updates, and customizable features for potential partners.

Interestingly, the group claims a modest cut of 15% on any ransom payments but, for the moment, has maintained that it is not yet operating as a traditional RaaS provider. Instead, it appears focused on showcasing the capabilities of its platform by publicly leaking victim data.

Profile of Deakin Medical Centre

The Deakin Medical Centre serves a vital role in the Mildura community, employing eight doctors and a support staff of 12. It offers a wide range of services, including health assessments, GP management plans, women’s and men’s health services, and telehealth consultations. This significant breach raises concerns not only for the center’s operational integrity but also for the privacy and security of its patients’ sensitive information.

The ongoing sequence of ransomware attacks on Australian healthcare entities reveals a critical need for enhanced cybersecurity measures. As these threats continue to proliferate, the safety of personal and medical information hangs in the balance.