US Hospitals Threatened By Ransomware Attack

The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and Department of Health and Human Services (HHS) said in a statement that there is “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.”

The information was shared by the agencies “to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats,” the statement noted.

According to the alert, “malicious cyber actors” are targeting the sector with Trickbot malware, which is typically a precursor to ransomware attacks and data theft.

The malware provides hackers with a “suite of tools to conduct a myriad of illegal cyber activities” such as credential harvesting, mail exfiltration, cryptomining and more, the alert stated.

A network of zombie computers called Trickbot have new modules named Anchor that the FBI started tracking last year, according to the statement. The attacks use ransomware known as Ryuk, which goes after high-profile corporations, generally extracting data from networks and point-of-sale devices.

Independent security experts have said that the hack hit five hospitals this week but could potentially attack hundreds more, according to the AP.

“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement to the AP.

Alex Holden, CEO of Hold Security, has been chasing the suspected ransomware for over a year, the AP reported. He said the timing with the Nov. 3 election and the worldwide pandemic could be “unprecedented in magnitude.”

In related news, as the pandemic started unfolding over March and April, attacks on IT systems, many at healthcare facilities, went up 6,000 percent. Earlier this year, a hacking group tried to breach the World Health Organization (WHO).