FBI and DHS Warn Hospitals and Healthcare Providers of Credible Cyber Threats
Federal agencies are warning hospitals and healthcare providers of a credible threat of increased cybercrime resulting in ransomware, data theft, and disruption of services.
The agencies said they were sharing the information “to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.”
Key findings of the advisory are:
- CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with TrickBot and BazarLoader malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.
- These issues will be particularly challenging for organizations within the COVID-19 pandemic; therefore, administrators will need to balance this risk when determining their cybersecurity investments.
Fireeye reports at least 5 hospital systems confirmed being under a coordinated ransomware attack the week the advisory was issued.
“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States. UNC1878, an Eastern European financially motivated threat actor, is deliberately targeting and disrupting U.S. hospitals, forcing them to divert patients to other health-care providers.”
Charles Carmakal, FireEye’s strategic services chief technology officer
The hackers claim to have attacked over 400 hospitals in the U.S.; however, that large of an attack has not yet been confirmed. St. Lawrence Health System in New York, Sonoma Valley Hospital in California, and Sky Lakes Medical Center in Oregon have all publicly stated they were affected by ransomware attacks, according to local news reports. Hackers are likely very aware that healthcare providers have a high probability of paying the ransom because their services are critical. Life and death can literally hang in the balance. Researchers at the security firm Check Point said its survey showed health care has been the most targeted industry by ransomware, with a 71 percent jump in attacks on US providers in October from a month earlier.
The threat of ransomware continues to increase in 2020 but you can fight back against the attacks. Don’t be the next victim. Ransomware is an increasingly common method of attack for hackers against individuals, SMBs and enterprises alike. While the first incidents of ransomware were discovered as early as 2005, the last three years have seen this type of threat explode in popularity — compromising millions of computers and mobile devices around the world. In September, a ransomware attack hobbled all 250 U.S. facilities of the hospital chain Universal Health Services, forcing doctors and nurses to rely on paper and pencil for record-keeping and slowing lab work. Employees described chaotic conditions impeding patient care, including mounting emergency room waits and the failure of wireless vital-signs monitoring equipment.