Home Cyber Security US hospitals fall victims to ransomware attacks amid rise in Covid cases

US hospitals fall victims to ransomware attacks amid rise in Covid cases

Attack was carried out by cyber criminals from Eastern Europe, say experts

Some US hospitals have been hit by simultaneous ransomware attacks, structured to cause harm to healthcare systems. These attacks were carried out by cyberattackers in Eastern Europe seeking financial gain, experts at the cybersecurity firm FireEye’s Mandiant division told NPR.

Ransomware is a malicious software that accesses and takes over the victims data. It then threatens to publish it or to keep the victim blocked from their own data unless a ransom is paid.

Many hospitals across the US have been vulnerable to ransomware attacks ever since the beginning of the pandemic. Ransomware attacks have been targeting US hospitals since July. St Lawrence Health Systems in New York, and the Sky Lakes Medical Centre in Oregon have admitted to being victims of ransomware attacks recently. Other hospitals have also expressed their concerns.

The virus used to attack St Lawrence Health Systems has been identified as Ryuk ransomware. The ransomware has often been delivered using the TrickBot botnet. Both TrickBot and Ryuk are linked to earlier attacks operating from Russia.

Ryuk is largely used to attack enterprises. The ransomwareidentifies and encrypts network drives and resources, along with deleting shadow copies at the end. Without external backups or rollbacks, it is almost impossible to recover from a Ryuk attack.

The virus usually enters the victims system through spam emails sent from spoofed addresses. Such attacks usually begin when a user opens a Microsoft Office document attached to the phished email. This enables the download of Trojan Emotet, which then downloads TrickBot in the system of victims. TrickBot works as a spyware, collecting all the details of the victim, knowing their assets and then asking for ransom.

The US Cybersecurity and Infrastructure Security Agency (CISA) released a warning on October 28, 2020 addressing the issue of ransomware attacks on hospitals and other healthcare systems. “CISA, FBI, and (the Department of Health and Human Services) have credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to warn healthcare providers to ensure that they take timely and reasonable precautions to protect their networks, read the advisory.

The CISA advised hospitals to create a backup. Shields up!Assume Ryuk is inside the house. Executives, be ready to activate business continuity and disaster recovery plans. IT sec teams, patch, MFA, check logs, make sure you have a good backup point,” warned Chris Krebs, director of CISA.

Mandiant, a cybersecurity firm working with the government on the issue, said they identified some of the attacks. “An Eastern European financially motivated threat actor, is deliberately targeting and disrupting US hospitals, forcing them to divert patients to other healthcare providers. Patients may experience prolonged wait time to receive critical care,” said Charles Carmakal, SVP and CTO of Mandiant, in a press statement.


Please enter your comment!
Please enter your name here

Most Popular

Italy’s watchdog fines Apple €10mn for misleading iPhone claims

Italian Antitrust Authority, Autorità Garante della Concorrenza e del Mercato (AGCM) has fined Apple 10 million euros for misleading and aggressive commercial practices. On Monday,...

Lenovo launched Legion 5 gaming laptop with AMD Ryzen 4000 series Processor

Lenovo on Tuesday, December 1st 2020, launched a new gaming laptop – Lenovo Legion 5. The laptop is powered by AMD Ryzen 5 4600H...

Amazfit GTS 2 Mini, Amazift Pop Pro go official in China

Amazfit has today added to its impressive portfolio of smartwatches with two more offerings. The fitness tracker maker has released the Amazfit GTS 2...

Uttar Pradesh to get its gigantic data center by June 2022

Due to a shortage of data centers, companies in the state are forced to keep their data abroad India’s most populous state Uttar Pradesh has...

Recent Comments