Домой United States USA — Sport FBI warns of "imminent" ransomware attacks on hospital systems

FBI warns of "imminent" ransomware attacks on hospital systems

199
0
ПОДЕЛИТЬСЯ

Experts say cybercriminals, likely from eastern Europe, perhaps with Kremlin ties, are seeking money as COVID surges but aren’t targeting election systems.
Federal agencies warned that cybercriminals are unleashing a wave of data-scrambling extortion attempts against the U.S. healthcare system designed to lock up hospital information systems, which could hurt patient care just as nationwide cases of COVID-19 are spiking. In a joint alert Wednesday, the FBI and two federal agencies warned that they had «credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.» The alert said malicious groups are targeting the sector with attacks that produce «data theft and disruption of healthcare services.» The cyberattacks involve ransomware, which scrambles data into gibberish that can only be unlocked with software keys provided once targets pay up. Independent security experts say it has already hobbled at least five U.S. hospitals this week and could impact hundreds more. The offensive by a Russian-speaking criminal gang coincides with the U.S. presidential election, although there is no immediate indication they were motivated by anything but profit. «We are experiencing the most significant cyber security threat we’ve ever seen in the United States,» Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement. Alex Holden, CEO of Hold Security, which has been closely tracking the ransomware in question for more than a year, agreed that the unfolding offensive is unprecedented in magnitude for the U.S. given its timing in the heat of a contentions presidential election and the worst global pandemic in a century. The federal alert was co-authored by the Department of Homeland Security and the Department of Health and Human Services. Agence France-Presse notes that the agencies urged U.S. healthcare providers to take «timely and reasonable precautions» such as patching their operating systems, software and firmware as soon as possible and running antivirus and anti-malware scans regularly. The cybercriminals launching the attacks use a strain of ransomware known as Ryuk, which is seeded through a network of zombie computers called Trickbot that Microsoft began trying to counter earlier this month.

Continue reading...