The US Federal Bureau of Investigation (FBI) has joined other federal agencies in issuing an alert about an “increased and imminent” threat of cybercrime facing US healthcare institutions. According to the warning, cyber extortionists are attempting to lock up hospital information systems – just as the country is grappling with a rising number of Covid-19 cases.
A report in the British newspaper “The Guardian” reveals that in the current week alone, at least five hospitals in the United States have been handicapped through ransomware from a Russian-speaking crime syndicate, leaving hundreds of others at risk. Charles Carmakal, Chief Technical Officer of the cybersecurity firm Mandiant, is quoted as saying: “We are experiencing the most significant cyber security threat we’ve ever seen in the United States.”
Security researcher Alex Holden, CEO of Hold Security, contacted the US federal law enforcement agency at the end of last week to alert them about the new wave of attacks using the Ryuk malware, which is typically snuck into companies by way of Emotet and Trickbot. According to Holden, the blackmailers are demanding ransoms far higher than 10 million US dollars per target and are already lining up 400 other potential targets in Darknet discussions. “One of the comments from the bad guys is that they are expecting to cause panic and, no, they are not hitting election systems,” Holden went on to say. “They are hitting where it hurts even more, and they know it.”
The FBI’s warning was issued in conjunction with the Department of Homeland Security and the Department of Health and Human Services. The plague of ransomware attacks on US public institutions has been intensifying for the past year and a half, impacting a number of major cities.
In September, the internationally active hospital chain, Universal Health Service, was paralyzed by ransomware to such an extent that doctors and nurses were forced to rely on paper and pencil to keep records, leading to chaotic conditions that hampered patient care. These kinds of attacks are by no means limited to the USA – in September a ransomware attack on a clinic in Düsseldorf claimed the life of a patient.
In the vast majority of cases, emails with infected attachments or containing links to websites with infected drive-by-downloads serve as a gateway for the malware. In addition to the very important task of sensitizing users about these risks, an email security service can provide state-of-the-art safeguarding mechanisms to prevent such attacks from succeeding. To find out how Retarus’ Secure Email Platform can protect your infrastructure, please take a look at our website or get in touch with your local Retarus representative.