HomesecurityHSE attack: Hackers provide decryption tool, but threaten data leakage

HSE attack: Hackers provide decryption tool, but threaten data leakage

The ransomware gang Accounts seems to have offered one for free decryption tool on Irish public health system (HSE), which violated last Friday. However, the hackers warn that they will sell or publish the data who stole from the systems, if they do not receive ransom.

Learn more: Hackers targeted Ireland's public health system (HSE)

Conti ransomware
HSE attack: Hackers give decryption tool, but threaten data leakage

The Ministry of Health was able to stop the attack, but the HSE was forced to shut down its IT systems to prevent further device encryption.

This shutdown of IT systems created various problems, as many hospitals could not access patient records.

See also: Conti ransomware gang demands $ 20 million from Irish HSE

The hackers provided free decryption tool

The ransomware gang posted a link to the chat / trading page that led to a free decryptor.

However, the hackers insist they will sell or publish the stolen data if no ransom of $ 19,999.000 is paid.

"We provide the free decryption tool for your network. But you have to understand that we will sell or publish a lot of private data if you do not connect us and try to resolve the situationSays the ransomware gang Conti on the Tor payment site.

HSE data leakage
HSE attack: Hackers give decryption tool, but threaten data leakage

Experts have confirmed that the decryption tool is valid and that the data is actually decrypted.

Since the initial attack, there has been no further conversation between the HSE and the Conti ransomware gang.

See also: Conti ransomware also targeted the Irish Ministry of Health!

The safest approach is still restoring systems from backups, but the hackers' decryption tool can be used to recover missing data from the copies.

The Irish government knows about the free cryptographer, but will proceed technical analysis of the tool to detect possible malicious properties.

The decryption tools offered by criminals are usually buggy and do not quickly decrypt victims' files. The security company Emsisoft has created one "Universal Decryptor" twice as fast when decrypting files.

HSE Ireland can use Emisoft Cryptographer for free as part of its current assistance program to providers health care.

However, although the HSE can now recover encrypted files, there is still a big problem, as there is a risk of leaking sensitive data.

Source: Bleeping Computer

Digital fortress
Pursue Your Dreams & Live!