Home Cyber Security US hospitals fall victims to ransomware attacks amid rise in Covid cases

US hospitals fall victims to ransomware attacks amid rise in Covid cases

Attack was carried out by cyber criminals from Eastern Europe, say experts

Some US hospitals have been hit by simultaneous ransomware attacks, structured to cause harm to healthcare systems. These attacks were carried out by cyberattackers in Eastern Europe seeking financial gain, experts at the cybersecurity firm FireEye’s Mandiant division told NPR.

Ransomware is a malicious software that accesses and takes over the victims data. It then threatens to publish it or to keep the victim blocked from their own data unless a ransom is paid.

Many hospitals across the US have been vulnerable to ransomware attacks ever since the beginning of the pandemic. Ransomware attacks have been targeting US hospitals since July. St Lawrence Health Systems in New York, and the Sky Lakes Medical Centre in Oregon have admitted to being victims of ransomware attacks recently. Other hospitals have also expressed their concerns.

The virus used to attack St Lawrence Health Systems has been identified as Ryuk ransomware. The ransomware has often been delivered using the TrickBot botnet. Both TrickBot and Ryuk are linked to earlier attacks operating from Russia.

Ryuk is largely used to attack enterprises. The ransomwareidentifies and encrypts network drives and resources, along with deleting shadow copies at the end. Without external backups or rollbacks, it is almost impossible to recover from a Ryuk attack.

The virus usually enters the victims system through spam emails sent from spoofed addresses. Such attacks usually begin when a user opens a Microsoft Office document attached to the phished email. This enables the download of Trojan Emotet, which then downloads TrickBot in the system of victims. TrickBot works as a spyware, collecting all the details of the victim, knowing their assets and then asking for ransom.

The US Cybersecurity and Infrastructure Security Agency (CISA) released a warning on October 28, 2020 addressing the issue of ransomware attacks on hospitals and other healthcare systems. “CISA, FBI, and (the Department of Health and Human Services) have credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to warn healthcare providers to ensure that they take timely and reasonable precautions to protect their networks, read the advisory.

The CISA advised hospitals to create a backup. Shields up!Assume Ryuk is inside the house. Executives, be ready to activate business continuity and disaster recovery plans. IT sec teams, patch, MFA, check logs, make sure you have a good backup point,” warned Chris Krebs, director of CISA.

Mandiant, a cybersecurity firm working with the government on the issue, said they identified some of the attacks. “An Eastern European financially motivated threat actor, is deliberately targeting and disrupting US hospitals, forcing them to divert patients to other healthcare providers. Patients may experience prolonged wait time to receive critical care,” said Charles Carmakal, SVP and CTO of Mandiant, in a press statement.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Global 5G chipset market forecasted to reach USD 22,929 Million by 2026

The growing demand for mobile data services is expected to increase the 5G chipset market size growth The global 5G Chipset market size is expected...

Government aims to setup one EV charging station for every 69,000 petrol pumps

To speed up the process, the government has also reduced 5% GST on electric vehicles In an effort to boost electric vehicle production in India,...

Samsung’s next wireless earbuds may “ditch” the Bean-shaped design

Samsung gained a lot of attention for its launch of beans-shaped Galaxy Buds Live Earbuds this year. Although at first, it seemed like the...

Why was Infinix Zero 8i launch delayed to Dec 3rd

Earlier in November, reports online began hinting that Infinix is gearing up to launch the new ‘Zero’ Series in India. The Infinix Zero 8...

Recent Comments