US hospitals fall victims to ransomware attacks amid rise in Covid cases

Attack was carried out by cyber criminals from Eastern Europe, say experts

Some US hospitals have been hit by simultaneous ransomware attacks, structured to cause harm to healthcare systems. These attacks were carried out by cyberattackers in Eastern Europe seeking financial gain, experts at the cybersecurity firm FireEye’s Mandiant division told NPR.

Ransomware is a malicious software that accesses and takes over the victims data. It then threatens to publish it or to keep the victim blocked from their own data unless a ransom is paid.

Many hospitals across the US have been vulnerable to ransomware attacks ever since the beginning of the pandemic. Ransomware attacks have been targeting US hospitals since July. St Lawrence Health Systems in New York, and the Sky Lakes Medical Centre in Oregon have admitted to being victims of ransomware attacks recently. Other hospitals have also expressed their concerns.

The virus used to attack St Lawrence Health Systems has been identified as Ryuk ransomware. The ransomware has often been delivered using the TrickBot botnet. Both TrickBot and Ryuk are linked to earlier attacks operating from Russia.

Ryuk is largely used to attack enterprises. The ransomwareidentifies and encrypts network drives and resources, along with deleting shadow copies at the end. Without external backups or rollbacks, it is almost impossible to recover from a Ryuk attack.

The virus usually enters the victims system through spam emails sent from spoofed addresses. Such attacks usually begin when a user opens a Microsoft Office document attached to the phished email. This enables the download of Trojan Emotet, which then downloads TrickBot in the system of victims. TrickBot works as a spyware, collecting all the details of the victim, knowing their assets and then asking for ransom.

The US Cybersecurity and Infrastructure Security Agency (CISA) released a warning on October 28, 2020 addressing the issue of ransomware attacks on hospitals and other healthcare systems. “CISA, FBI, and (the Department of Health and Human Services) have credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to warn healthcare providers to ensure that they take timely and reasonable precautions to protect their networks, read the advisory.

The CISA advised hospitals to create a backup. Shields up!Assume Ryuk is inside the house. Executives, be ready to activate business continuity and disaster recovery plans. IT sec teams, patch, MFA, check logs, make sure you have a good backup point,” warned Chris Krebs, director of CISA.

Mandiant, a cybersecurity firm working with the government on the issue, said they identified some of the attacks. “An Eastern European financially motivated threat actor, is deliberately targeting and disrupting US hospitals, forcing them to divert patients to other healthcare providers. Patients may experience prolonged wait time to receive critical care,” said Charles Carmakal, SVP and CTO of Mandiant, in a press statement.


Please enter your comment!
Please enter your name here

Hot Topics

New LG OLED 48CX TV launched for gamers and cinema lovers

LG India launched the OLED 48CX TV, a ‘dream screen’ for gaming fans on March 2. The new OLED 48CX TV is a new...

Redmi India teases Redmi Max TV XL launch in India during Note 10 series presentation

Redmi India officially teased the launch of Redmi Max TV XL at the Redmi Note 10 series launch event on March 4. Interestingly, this...

Organized fridge is healthy fridge: Smart solutions to maintain your refrigerator during summers

Many people are guilty of stocking up food in the fridge and forgetting, only to discover it after its expiry date has gone. With...

Related Articles

Reliance Jio working on reasonable laptop: The JioBook

Reliance Jio is developing a new product, tentatively named the ‘JioBook’. Likely to be launched this year, the JioBook is a laptop that will...

Keep your washing machines ‘fit’ to stay safe

Appliances, with safety tips ignored, can be less safe to use. While brands promptly recall products when a technical flaw is discovered, it’s also...

MediaTek announces new 4K smart TV chip MT9638 with AI processing unit

MT9638-powered 4K smart TVs are expected to reach the consumer market in Q2 2021. MediaTek has shipped more than two billion units of...