Lives Are At Stake As More US Hospitals Are Hacked

Uploaded on 2022-07-25 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Health & Welfare

 US government agencies have warned that hospitals across the US have been hit by an aggressive ransomware campaign originating from N. Korea since 2021. 

The number of ransomware attacks on US healthcare organisations has increased by 94% from 2021 to 2022, according to a report from leading cyber security firm Sophos.

Some ransomware gangs pledged to not target medical facilities during the COVID-19 pandemic, but hospitals are still getting hit. Vitally, these attacks don't just affect  IT systems.

Ransomware attacks, in which criminal hackers encrypt computer networks and demand payment to make them functional again, have been a growing concern for both the private and public sector since the 90s. But they can be particularly devastating in the healthcare industry, where even a few minutes of downtime can have deadly consequences and have become ominously frequent.

Ransomware attacks on healthcare are particularly common in the US, with 41% of such attacks globally having been carried out against US-based firms in 2021. “The current outlook is terrible,” said Israel Barak, CISO of Cybereason. “We are seeing the industry experience an extremely sharp increase in both the quantity and level of sophistication of these attacks.”

Ransomware attacks have caused major healthcare disruptions, including delayed chemotherapy treatments and ambulances being diverted after computer systems were frozen. In 2021, a lawsuit filed by the mother of a baby who died in Alabama was the first “death by ransomware”, blaming a 2019 hack of a hospital for fatal brain damage of the newborn after heart rate monitors failed.

The potentially devastating consequences for medical facilities may be one of the reasons hackers have identified them as a high-profile target. 

The Cybersecurity and Infrastructure Security Agency (CISA) advise hospitals against paying ransoms, but providers often feel they have no choice. In 2021, 61% of healthcare organisations that suffered a ransomware attack paid the ransom, the highest percentage of any industry sector. “The North Korean state-sponsored cyber actors likely assume healthcare organisations are willing to pay ransoms because these organisations provide services that are critical to human life and health,” according to Barak. “When lives are at stake, it makes the decision very easy,” Barak said. “These attackers have identified medical organisations as very, very good targets because they are more likely to pay.” he said.

Attacks are typically carried out by private groups of criminals. In the third quarter of 2021, 30% of ransomware attacks on healthcare entities were carried out by Conti, a crime syndicate thought to be based in Russia, according to an industry report from cyber security firm BreachQuest. However, the recent incidents attributed to N Korea are just the latest state actor to orchestrate ransomware attacks on healthcare organisations.

The healthcare industry has been hit by a perfect storm of factors that have escalated the ransomware problem, with patient information is increasingly being digitised as hospitals struggle with small internet security budgets.

In 2009, the Obama administration passed a bill requiring all public and private healthcare providers to adopt electronic medical records by 2014, resulting in a massive migration of paper patient records to online systems. Today, just 4-7% of the average healthcare provider’s annual IT budget is focused on cyber security, the BreachQuest study said. The move was accelerated by the pandemic, he added, as more providers shifted online to connect with patients during lockdown and hospital staff were stretched thin by the influx of very ill  patients.

CISA has advised a “3-2-1 backup approach” for healthcare entities, including saving three copies of each type of data in two different formats, including one offline. But the CISA advisory to hospitals is “somewhat unhelpful”, said Vincent Berk, chief security officer at the cyber security firm Quantum Xchange, offering generic recommendations about securing data with little clear path to doing so. “The issue with this attack, and any other ransomware attack, is that the cure doesn’t really exist,” he said. “In other words, if it happens, it is already too late.” he said.

Sophos:     NBC:     Guardian:    ISC2:     CBS:     Techtarget:     AHA Innovation:    

You Might Also Read: 

Cyber Attack On US Children's Hospital:

 

« FBI Issues A Warning To Users Of Crypto Currency Apps
Magecart Attacks Hit Hundreds Of US Restaurants »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Puppet

Puppet

Puppet is a leader in IT automation. Our software helps DevOps securely automate configuration and management of machines and the software running on them.

Miller Group

Miller Group

Miller Group is an IT managed service provider. We proactively monitor and manage your entire business computer network. Services include backup & recovery and cyber security.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

Venrock

Venrock

Venrock helps entrepreneurs build some of the world's most disruptive, successful companies. We invest in technology: Security, Cloud Services, Big Data, Healthcare IT, AdTech.

jobsDB.com

jobsDB.com

jobsDB Singapore is a search engine for jobs throughout Singapore.

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

Encova Insurance

Encova Insurance

Encova’s cyber liability coverage protects you and your customers in case of a security breach in your company's data.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Radiance Technologies

Radiance Technologies

Radiance solutions provide technological advantage and operational superiority for our nation in the areas of intelligence, cyber and advanced weapon systems.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.

Benchmark Executive Search

Benchmark Executive Search

Benchmark specializes in finding elite talent for startup, emerging-growth and mid-cap companies offering game-changing technologies or innovative services to the federal and commercial markets.

3DOT Solutions

3DOT Solutions

3DOT Solutions is an established UK cybersecurity consultancy focused on delivering end-to-end cyber security solutions for private and public sector customers.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.

Hakai Security

Hakai Security

Hakai is a consulting firm specializing in information security that offers customized services and products to meet the needs and goals of each business.