Quantcast
Tuesday, December 17, 2024

Federal Agencies Warn of Ransomware Cyber-Attack on Hospitals and Health Systems

'The bad guys smell the problem...'

(Headline USA) Federal agencies warned that cybercriminals could unleash a wave of data-scrambling extortion attempts against the U.S. health care system, an effort that, if successful, could paralyze hospital information systems.

In a joint alert Wednesday, the FBI and two federal agencies said they had credible information of “an increased and imminent cybercrime threat” to U.S. hospitals and health care providers.

The alert said malicious groups are targeting the sector with attacks aiming for “data theft and disruption of healthcare services.”

The impact of the expected attack wave, however, is difficult to assess.

It involves a particular strain of ransomware, which scrambles a target’s data into gibberish until they pay up. Previous such attacks on health care facilities have impeded care and, in one case in Germany, led to the death of a patient. But such consequences are still rare.

The federal warning itself could help stave off the worst consequences, either by leading hospitals to take additional precautions or by expanding efforts to knock down the systems cybercriminals use to launch such attacks.

The offensive coincides with the U.S. presidential election, although there is no immediate indication the cybercriminals involved are motivated by anything but profit.

The federal alert was co-authored by the Department of Homeland Security and the Department of Health and Human Services.

Independent security experts say the ransomware, called Ryuk, has already impacted at least five U.S. hospitals this week and could potentially affect hundreds more.

Four health care institutions have been reported hit by ransomware so far this week, three belonging to the St. Lawrence Health System in upstate New York and the Sky Lakes Medical Center in Klamath Falls, Oregon.

Sky Lakes said in an online statement that it had no evidence patient information was compromised and that emergency and urgent care “remain available.”

The St. Lawrence system said Thursday that no patient or employee data appeared to have been accessed or compromised.

Matthew Denner, the emergency services director for St. Lawrence County, told the Adirondack Daily Enterprise that the hospital owner instructed the county to divert ambulances from two of the affected hospitals for a few hours Tuesday, when the attack occurred. Neither Denner nor the company replied to requests for comment on that report.

In a statement, Charles Carmakal, chief technical officer of the security firm Mandiant, called the cyberthreat the “most significant” the country has ever seen.

The U.S. has seen a plague of ransomware over the past 18 months or so, with major cities from Baltimore to Atlanta hit and local governments and schools walloped especially hard.

In September, a ransomware attack hobbled all 250 U.S. facilities of the hospital chain Universal Health Services, forcing doctors and nurses to rely on paper and pencil for record-keeping and slowing lab work.

Employees described chaotic conditions impeding patient care, including mounting emergency room waits and the failure of wireless vital-signs monitoring equipment.

Also in September, the first known fatality related to ransomware occurred in Duesseldorf, Germany, when an IT system failure forced a critically ill patient to be routed to a hospital in another city.

Increasingly, ransomware criminals are stealing data from their targets before encrypting networks, using it for extortion.

They often sow the malware weeks before activating it, waiting for moments when they believe they can extract the highest payments, said Brett Callow, an analyst at the cybersecurity firm Emsisoft.

A total of 59 U.S. health care providers or systems have been impacted by ransomware in 2020, disrupting patient care at up to 510 facilities, Callow said.

Hospitals and clinics have been rapidly expanding data collection and adding internet-enabled medical devices, many of which are poorly secured.

Hospital administrators, meanwhile, have been slow to update software, encrypt data, train staff in cyber hygiene and recruit security specialists, leaving them vulnerable to cyber-attacks.

And as hospitals respond to the coronavirus crisis, privacy and security protocols fall by the wayside, leaving patients open to identity theft, said Larry Ponemon, a data security expert. “The bad guys smell the problem.”

Adapted from reporting by the Associated Press

Copyright 2024. No part of this site may be reproduced in whole or in part in any manner other than RSS without the permission of the copyright owner. Distribution via RSS is subject to our RSS Terms of Service and is strictly enforced. To inquire about licensing our content, use the contact form at https://headlineusa.com/advertising.
- Advertisement -

TRENDING NOW

TRENDING NOW