Ransomware attacks on American hospitals

Ransomware attacks on American hospitals
Cybercriminals located in Eastern Europe are targeting dozens of American hospitals with ransomware attacks. This is what is reported in the notice issued by the FBI and addressed to the facilities, asking them to take it into account and to organize themselves accordingly so that they can face the threats by adopting adequate protection systems.

Ransomware: hospitals USA in the crosshairs of criminals

Numerous operations reported in the last period, three confirmed only this week in Oregon, California and New York. According to a doctor from one of the hospitals affected, following the compromise, the staff was forced to return to the management of documents and medical records in paper format. A luxury that cannot be afforded now that we are in the throes of a global health crisis.

We can still observe vital signs and conduct clinical investigations, but the results must be reported on paper only.

Responsibility for the actions seems to be attributable to the Wizard Spider group also known as UNC 1878. There are two main tools used by criminals: the Ryuk ransomware and the TrickBot botnet (recently hit by Microsoft), both well known to those who follow the events in the territory of cybersecurity.

We have written on these pages in the past few weeks about a case in which the consequences of a ransomware attack perpetrated against a hospital led to the death of a woman in Germany. To prevent situations of this type from occurring overseas, experts from the FBI and the Department of Homeland Security have suggested constantly making backups, limiting as much as possible the Internet connection of the machinery used and prohibiting the use of personal emails to those who operates in the structures.

The investigations conducted have unearthed conversations on the Dark Web in which a plan is discussed to quickly hit a total of about 400 US public and private structures.

Source: CISA

Powered by Blogger.