[ad_1]
Federal agencies have warned that the US healthcare system faces a “growing and imminent” threat from cybercrime, and that cybercriminals are unleashing a wave of extortion attempts designed to block hospital information systems. , which could harm patient care as well as Covid cases nationwide. -19 are going up.
In a joint alert Wednesday, the FBI and two federal agencies warned that they had “credible information of a growing and imminent threat of cybercrime to US hospitals and healthcare providers.” The alert said malicious groups are targeting the sector with attacks that produce “data theft and disruption of health services.”
Cyberattacks involve ransomware, which scrambles data into gibberish that can only be unlocked with provided software keys once targets pay. Independent security experts say it has already hampered at least five US hospitals this week and could affect hundreds more.
The offensive by a Russian-speaking criminal gang comes less than a week before the elections, although there is no immediate indication that they were motivated by anything other than profit.
“We are experiencing the most significant cybersecurity threat we have ever seen in the United States,” said Charles Carmakal, technical director at cybersecurity firm Mandiant, in a statement.
Alex Holden, CEO of Hold Security, which has been closely monitoring the ransomware in question for over a year, agreed that the offensive being developed is unprecedented in magnitude for the US, given the opportune moment in the heat of a contentious presidential election and the worst. global pandemic in a century.
The Department of Homeland Security and the Department of Health and Human Services were co-authors of the federal alert.
The United States has witnessed a ransomware plague in the last 18 months, with major cities from Baltimore to Atlanta affected and local governments and schools especially affected.
In September, a ransomware attack affected all 250 US facilities of the Universal Health Services hospital chain, forcing doctors and nurses to rely on pencil and paper for record keeping and slowing down laboratory work. Employees described chaotic conditions that impede patient care, including mounting waits in the emergency room and the failure of wireless vital signs monitoring equipment.
Also in September, the first known ransomware-related death occurred in Duesseldorf, Germany, when an IT system failure forced a critically ill patient to be sent to a hospital in another city.
Holden said he alerted federal police on Friday after monitoring infection attempts at several hospitals. He said the group was demanding ransoms well in excess of $ 10 million per target and that criminals involved in the dark web were discussing plans to try to infect more than 400 hospitals, clinics and other medical facilities.
“One of the comments from the bad guys is that they hope to cause a panic and, no, they are not hitting the electoral systems,” Holden said. “They are hitting where it hurts even more and they know it.”
Carmakal described the Eastern European group as “one of the most blatant, ruthless and disruptive threat actors I have ever observed in my career.”
The cybercriminals launching the attacks use a strain of ransomware known as Ryuk, which spreads through a network of zombie computers called Trickbot that Microsoft began trying to counter in early October.
While no one has shown suspicions of links between the Russian government and the gangs using the Trickbot platform, Holden said he “has no doubt that the Russian government is aware of this operation, terrorism, actually.” He said dozens of different criminal groups use Ryuk, paying their architects a cut.
