The University Hospital Centre Zagreb (KBC Zagreb) is currently facing a cyberattack that began on Wednesday night. According to the Croatian Radiotelevision, the hospital has been forced to shut down its information system as a precautionary measure. The hospital is gradually restoring online services once it has determined that it is safe to do so.
Despite the cyberattack, all essential services at the hospital are operational. However, due to the inability to print medical reports, staff members are required to write them by hand. As a result, the processing of patients is slower than usual, and some patients may be redirected to other healthcare facilities. Milivoj Novak, Assistant Director at the hospital, reassured the public that patients’ information has not been compromised, although further investigation is necessary to confirm this.
The recent cyberattack on KBC Zagreb follows a series of DDoS attacks on various Croatian government and financial institutions, including the Ministry of Finance, the Tax Administration, the Croatian National Bank, the Economic Bank of Zagreb, and the Zagreb Stock Exchange. These attacks, claimed by the hacker group NoName057(16), led to temporary disruptions to the institutions’ websites and online services.
Cybersecurity experts have noted a rise in DDoS attacks on Croatian infrastructure, indicating that these attacks remain a prevalent and effective method for disrupting organizational operations. Vlatko Košturjak, CTO at Croatian infosec firm Diverto, emphasized the importance of proactive defense measures and regular testing to mitigate the impact of such attacks.
In light of the escalating geopolitical tensions, there are concerns that the cyberattack on KBC Zagreb may be part of a broader campaign of Russian sabotage operations targeting European and NATO countries. The motives behind the cyber incidents in Croatia are still under investigation, and it remains unclear whether the attacks involve ransomware or are linked to broader geopolitical conflicts.
As the hospital works to restore its information system, officials remain vigilant in monitoring for any potential security vulnerabilities. Novak has indicated that the hospital expects to have its systems back online and fully operational by Friday morning. However, the exact nature of the cyberattack has yet to be confirmed.
The ongoing cyber threats highlight the need for increased cybersecurity measures and collaboration between organizations and internet service providers to safeguard critical infrastructure and healthcare facilities. Despite the challenges posed by cyberattacks, efforts to enhance defenses and resilience against such threats are essential in today’s digital landscape.