Search
Close this search box.

Cybercriminals Are Targeting U.S. Hospital Systems

cyber criminal

As healthcare institutions face growing pressures to prioritize patient health and data security, cybercriminals are sparing no one. According to the FBI, the U.S. healthcare system faces an increased and imminent threat of extortion efforts designed to lock up information systems. Malicious groups supposedly intend to commit data theft and disruption of health services. 

What are the Cybercrime Threats Against Hospitals?

Federal agencies state that the cyberattacks involve ransomware, which scrambles data, unlockable with software keys provided only after the targets pay up. Since the attacks began, five hospitals fell victim to the ransomware, with experts predicting at least a hundred more digital assaults. 

Investigators believe the attacks occurring a week ahead of the election originated from a Russian-speaking criminal gang, motivated entirely by profit. As per the chief technical officer of cybersecurity firm Mandiant, Charles Carmakal, the current threat is the most significant the United States has ever seen. 

Alex Holden, CEO of Hold Security, agrees, stating that the ransomware offensive is unprecedented in magnitude for the country, given that the event coincides with the presidential election and worst global pandemic in over a century. 

The Department of Homeland Security and the Department of Health and Human Services have since co-authored a federal alert. 

A History of Ransomware in America

Despite the extent of the attack, the ransomware is nothing unforeseen in America. In the last 18 months, major cities from Baltimore to Atlanta have had to mitigate threats in both schools and local governments. 

In September of 2020, ransomware attacks targeted all 250 U.S. facilities under the healthcare chain Universal Health Services. For a period, doctors and nurses had to rely on handwritten record-keeping, slowing lab work and impeding patient care. During the digital blackout, hospital employees described the conditions as chaotic, catering to mounting emergency room waits, and monitoring equipment failure. 

The first known ransomware fatality occurred in Dusseldorf in the same month after an IT system failure wrongfully indicated the transfer of a critical patient. 

Where Does the Ransomware Threat Lie Now?

The Russian group at hand is demanding ransoms of over $10 million per target and are intending to infect more than 400 hospitals, clinics, and medical facilities. According to Holden, dark web participants aim to “cause panic,” though don’t plan to hit election systems. 

On the other hand, Carmakal describes the European-based hacker group as “one of [the] most brazen, heartless, and disruptive threat actors I’ve observed over my career.”

What Ransomware is in Play?

The ransomware in question is Ryuk, which is seeded through a network of “zombie” systems known as Trickbot. Since October of 2020, Microsoft has been employing new methods of countering the attack. 

While there is no suspected connection to the Russian government, U.S. federal agents believe that they are aware of the existing “terrorism.” 

Conclusion

Dozens of criminal groups are learning to leverage the damaging consequences of Ryuk to target the healthcare industry, among others. As the threat pervades, the U.S. federal government works tirelessly to contain the threat and ease the mounting alarm. 

Stay up-to-date with medical news in real-time at Dose of Healthcare. We relay the most accurate information to help enlighten both healthcare professionals and casual readers.