Mohiuddin AhmedandPaul Haskell-Dowland

Opinion | Why does Australia keep facing cyberattacks on its health services?

In the latest incident, cyber criminal group Medusa says it has stolen thousands of files relating to a Sydney cancer treatment facility, and wants ransom money

Previous cyberattacks in the country have targeted insurer Medibank and Eastern Health, which operates hospitals in Melbourne; surgeries had to be postponed

Reading Time:4 minutes

Why you can trust SCMP

Another healthcare facility in Australia, this time a cancer treatment facility in Sydney, has been targeted by hackers, who are demanding money in exchange for stolen information. File photo: TNS

Mohiuddin AhmedandPaul Haskell-Dowland

Published: 5:00am, 9 May 2023

It seems hardly a day goes by without another report of a cybercrime incident. With last year’s cyberattack on health insurer Medibank still fresh in Australians’ minds, the latest assault in the country is on a Sydney cancer treatment facility, the Crown Princess Mary Cancer Centre in Westmead Hospital.

The cyber criminal group Medusa claims to have stolen thousands of files and is holding the facility to ransom.

In what has become a common practice, the criminal gang seems to be using double extortion. In such scenarios, criminals typically demand a fee to “release” the data back to the organisation, often with a “sample” made available to verify their claims.

The gangs then double-down with threats to publicise the data via their websites if payment is not made – in this case, a deadline of seven days.

Medusa is offering a range of options to delay the public release of data by 24 hours (US$10,000), or to download and/or delete the data from the gang for US$100,000.

It is currently unclear what will happen on Friday morning if the ransom is not paid. However, the Medusa Blog offers free access to data stolen from previous victims who did not pay the ransom by the deadline.