A group of hackers from Turkey claim they were responsible for hacking a hospital in Los Angeles and promise to continue such attacks if the U.S. government continues to support Kurdish rebels, but these claims are impossible to verify without proof.
Earlier this month, Hollywood Presbyterian Medical Center confirmed it had paid hackers $17,000 worth of bitcoin to release its computer systems, which hackers had locked down with ransomware — a piece of malware — for over a week. In the wake of that attack, a message claiming to be from the hackers responsible was posted on text-sharing site Pastebin. The message, titled “We owned Hollywood hospital,” reads:
So thanks to feebleness of weak-wiled Americans We became richer and earned $17k! If you read this message you must understand that Turkey is the great cyber-power whose might you have witnessed! If Washington keeps on supporting Kurdish terrorists Turkish hackers will become richer!
The Obama administration has been supporting Syrian Kurdish rebels, and earlier this month Turkey’s prime minister chastised the White House, saying Washington’s inability to grasp the rebels’ true nature had turned the region into a “sea of blood.”
Pastebin allows users to post content anonymously and no evidence has been provided to verify the claims made in the post. Security experts who spoke to International Business Times questioned the veracity of the claims made in the statement.
Kevin Epstein, who heads the Threat Operations Centre at Proofpoint, said that attribution of cyberattacks is notoriously difficult as cybercriminals typically route data through multiple countries and multiple servers within countries, leave false “evidence” pointing to other groups, and generally attempt to conceal their tracks. “It is unclear whether the recent postings claiming attribution are genuine, or deliberately misleading, or simply an entirely different group or individual leveraging the recent publicity.”
Another issue highlighted by Proofpoint is the fact that political motivation has not been used by groups employing ransomware recently, and the use of the word “pwned” also called the claims into question, as “this was hardly a sophisticated attack worth bragging about.”