Amid pandemic, hospitals warned of 'credible' and 'imminent' cyberthreat

Federal agencies alerted hospitals to possible ransomware attacks.

October 29, 2020, 9:29 AM

The FBI, CISA and HHS are warning of an upcoming ransomware attack on hospitals.

“CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats,” a warning from the agencies said.

The agencies say that the malware “Trickbot” is the primary method used to attack hospitals.

According to the technology firm ForcePoint, malware is "short for malicious software, malware typically consists of code developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network."

According to the firm, the attacks usually start in the form of a suspicious email.

“CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services,” they say.

The agencies said that because of the targeted nature of these attacks hospital workers should be on alert for phishing scams and ransomware attacks.

Best practices include patching networks, changing passwords and multi-factor authentication. The three agencies also said hospital systems should be prepared and should have a risk mitigation plan that can easily be activated.

In particular, the agencies warn about the use of Ryuk ransomware and according to the alert, allow for the hacker to freeze computer systems until a monetary amount is paid.

On Thursday, research group SonicWall Capture Labs revealed that Ryuk Ransomware accounts for one third of all ransomware used through the world.

In September, one of the country's largest hospital chains said that all 250 of its locations had been hit with a ransomware attack.

United Health Services said that it "have had no indication that any patient or employee data was accessed, copied or misused."

Related Topics