DISGOMOJI: Novel Linux Malware, Ransomware Attack Cripples NHS Supplier: Your Cybersecurity News Roundup


Ascension Healthcare Hit by Ransomware Attack

Ascension, a large healthcare system in the United States, was hit by a ransomware attack in 2024. The attack significantly disrupted operations across all 142 Ascension hospitals and at clinics across the country, impacting electronic medical records, phone systems, and other critical services. While the full extent of the damage is still under investigation, it has been confirmed that some patient data was compromised in the attack. Ascension is working to restore its systems and recover lost data, and is offering credit monitoring and identity theft protection services to affected individuals.

Ransomware Attack Cripples NHS Supplier, Hundreds of Operations Cancelled

A ransomware attack on NHS supplier Synnovis caused over 800 operations and 700 outpatient appointments to be cancelled in the first week alone. The attack, attributed to the Russian Qilin group, disrupted pathology services at major hospitals like King’s College and Guy’s and St Thomas’. The disruption has rippled across the southeast region, affecting the processing of crucial blood tests and impacting patient care. The NHS is scrambling to mitigate the damage, implementing contingency plans like using alternative pathology providers and increasing weekend clinics to accommodate urgent cases. However, the road to recovery is expected to be long, with experts predicting months of disruption before services return to normal. Patients are advised to attend appointments as usual unless contacted otherwise. This incident marks one of the most disruptive cyberattacks on the NHS since 2017.

Paris Olympics to Leverage Artificial Intelligence for Athlete Protection and Event Security

In a move to safeguard athletes and ensure the smooth operation of the upcoming Paris Olympic Games, the International Olympic Committee (IOC) has announced a comprehensive plan to utilise artificial intelligence (AI) in multiple facets of the event.

A core focus of this initiative is protecting athletes from online harassment and abuse. AI-powered tools will be deployed to monitor social media platforms, proactively identifying and filtering out malicious comments. This proactive approach aims to create a safe and supportive digital environment for athletes, safeguarding their mental well-being during this high-pressure event.

In addition to athlete protection, AI will play a crucial role in enhancing overall event security. The technology will be leveraged to strengthen cybersecurity measures, ensuring the integrity of critical systems and protecting against potential cyber threats. Furthermore, AI will be utilized to optimize incident response, enabling faster and more efficient reactions to any security breaches or emergencies that may arise during the Games.

While the integration of AI offers significant potential for improving athlete welfare and event security, it has also raised concerns regarding privacy and surveillance. The French government has assured the public that facial recognition technology will not be employed, but questions remain about how AI will be used for monitoring purposes.

DISGOMOJI: Novel Linux Malware Uses Emojis for Covert Command and Control via Discord

Cybersecurity researchers at Volexity have recently uncovered a sophisticated Linux malware dubbed DISGOMOJI, which utilizes an innovative command and control (C2) mechanism based on emojis sent through Discord. Primarily targeting government agencies in India, this malware is believed to be the creation of a Pakistan-based threat actor known as UTA0137.

DISGOMOJI is a modified version of the open-source project discord-c2, leveraging Discord’s messaging platform for communication. By typing specific emojis into a dedicated Discord channel, attackers can issue various commands to the compromised systems, including downloading additional malware, exfiltrating data, and conducting reconnaissance on the infected network.

This novel use of emojis for C2 communication could potentially bypass traditional security measures that focus on text-based commands, making DISGOMOJI a particularly stealthy threat. The malware also incorporates features such as network tunneling and file exfiltration, indicating a clear focus on espionage activities.

While the primary target of DISGOMOJI appears to be government entities in India, the discovery of this unique malware highlights the evolving tactics of cybercriminals and the importance of staying ahead of the curve in the ongoing fight against cyber threats.