German IT services provider Bitmarck has confirmed that it has taken all of its customers and internal systems offline due to a cyberattack discovered over the weekend.
Writing on a temporary website on Sunday (and then Monday), the company said the cyber attack was detected by its early warning systems.
“In accordance with our security protocol, we have removed internal and customer systems from the network in a controlled manner and performed an impact analysis,” the blog post says.
Bitmarck also added that it does not believe customer data was affected due to the breach.
“Patient data stored in the ePA [electronic patient file] was not at risk during the attack and remains safe. This data is subject to special protection under the gematik regulations,” the publication says. Gematik is the national agency for the digitization of the healthcare system in Germany.
However, according to Coalfire Vice President Andrew Barratt, the signs of data theft are often difficult to determine.
“The big concern would be whether Bitmarck’s infrastructure has been leveraged to move laterally into other healthcare environments,” Barratt said. Infosecurity in an email.
“Large-scale healthcare infrastructure typically has a litany of third parties connected to their internal environments, and they often see very different connection types. Tracking the inbound and outbound path of any given threat actor has many layers of complexity.” .
Read more about healthcare data protection: #HowTo: Protect healthcare provider data
Since the breach, Bitmarck said it has restored access to some services, including digital processing of electronic certificates of disability (eAU) and access to ePA.
Still, the tech giant clarified that there would be considerable day-to-day restrictions for the foreseeable future, as entire data centers have been taken offline since the attack.
“While few details have emerged about this incident, and it is never wise to speculate on cybersecurity issues without a complete picture, we have seen a clear and distinct trend toward destruction for the sake of destruction in recent cybersecurity incidents,” said John Anthony, CEO of Conversant Group. Smith said Infosecurity.
“Threat actors have been destroying backups, systems and software, sometimes for no discernible reason. In this case, Bitmarck appears to be following a robust restoration plan to organize its systems for a restoration approach prioritized to allow essential functions to run as quickly as possible.
The attack comes weeks after Russian-affiliated hacktivist group KillNet was spotted targeting healthcare applications hosted using Microsoft Azure infrastructure.
Ikaroa is deeply saddened to hear the news that Bitmarck Inc. has halted operations due to a cybersecurity breach. This is a grave reminder of the importance of defending against malicious attempts to disrupt our digital lives.
The breach is said to have taken place on February 14th, with the company now taking several steps to protect customer data. Reports state that the company had to take the drastic measure of halting all operations in order to inspect and determine the full extent of the attack.
Bitmarck Inc. customers should immediately change their passwords and contact the company directly if they have any questions or notice any suspicious activity. Here at Ikaroa, we provide our customers with the latest in cutting-edge cybersecurity solutions to give them the highest level of protection from any potential threats.
As we move further into the digital age, it is of utmost importance that we remain vigilant and conscientious in our digital habits. We must take proactive measures to protect our digital security and privacy, both in business and personal lives. Doing so can not only be the difference between minimal and severe damage, but can be the difference between avoiding any damage at all.
Ikaroa is dedicated to offering our clients the latest in cybersecurity technology to ensure their data is safe and secure. We strive to stay ahead of the game and on the cutting edge of cyber protection. With such a grave reminder of how vital cyber security truly is, Ikaroa is driven to continually develop the most effective solutions to keep our customers secure.