U.S. Authorities warn hospitals about ransomware attack amidst COVID-19 outbreak

The U.S. authorities issued an advisory to warn hospitals about ransomware attacks possibly by Wizard Spider and Ryuk ransomware.

By · Oct 30, 2020 . 7min read

U.S. Authorities warn hospitals about ransomware attack news

Various hospitals over the United States have encountered ransomware attacks in what seems to be an acceleration and development of similar attacks earlier launched on other hospitals and medical facilities. The U.S. security authorities notified on Wednesday of an impending cybercrime threat to hospitals and healthcare providers, prompting them to increase their protection against threats.

An advisory issued by the FBI and two other government agencies elucidated that they had reliable data proving that hackers were targeting the healthcare sector using malware. Thus, leading to ransomware attacks, data stealing, and the disruption of healthcare services. The U.S. authorities have warned hospitals about the potential attacks by the hackers.

The U.S. authorities warn about Ryuk ransomware and Wizard Spider.

The alert came from a joint federal task force that involves the FBI, the U.S. Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency (CISA). The alert leads to the Ryuk ransomware as the original hacking tool included in the attacks. Security analysts at private companies state that the activity is attached to the Russian criminal gang sometimes, named UNC 1878 or Wizard Spider.

For the uninitiated, ransomware is a sort of malicious software. Cybercriminals encrypt users’ files until the organization pays ransom mostly in cryptocurrencies. Ransomware is an escalating warning and has already cost hospitals millions in recent years. A typical attack encrypts significant information like patient records and billing data. Moreover, it holds the data until the hospital admits to paying an excessive sum for ransom.

Ransomware attacks to disrupt hospital administrations during COVID-19 outbreak

The New York Times reported leaked conversations from Wizard Spider. Therefore, Hold Security intercepted the conversations. The hackers elucidate that the main reason behind hacks is to create panic in U.S. hospitals during the outbreak of the COVID-19 pandemic. 

Wizard Spider intends to retain the patient information stored on hospital servers hostage. Thus, encrypting the data until a ransom has been settled in Bitcoin. Encrypting the data would make it almost impracticable for healthcare staff to access patient records and give proper treatment effectively. According to the reports, Hold Security assumes approximately 400 hospitals are in danger. This anticipation is based on a list caught from Wizard Spider. Moreover, the security firm has notified the FBI that the organization has already targeted 30 hospitals. 

According to local news reports, St. Lawrence Health System in New York, Sonoma Valley Hospital in California, and Sky Lakes Medical Center in Oregon reports that they were prone to ransomware attacks. According to the reports, hundreds of hospitals may be in danger because of cybercriminals spreading the Ryuk ransomware. However, it encrypts data on any hard drive it enters. Further, the FBI says that since its launch in 2018, Ryuk has made $61 million in BTC. 

Follow Cryptodose for more updates.

         All News