The FBI and the Department of Homeland Security were among the US authorities warning of coordinated Bitcoin ransomware attacks on the country’s health systems.
Ransomware attacks have increased 50 percent in the past three months, security firm CheckPoint said on Wednesday. The proportion of health organizations affected increased in the third quarter from 2.3 percent in the previous quarter to 4%.
Ransomware Attacks Disrupting Hospital Operations
Six institutions were attacked in one day last week in New York, Oregon, and California. Oregon Sky Lakes Medical Center got forced to suspend operations when Ryuk’s cyberattack on October 27 froze its record. St. Health System Lawrence in New York suffered a similar attack on two hospitals, causing them to move ambulances in response to the emergency.
Hundreds of hospitals could be at risk of being exposed to cybercriminals distributing Ryuk ransomware. It encrypts the data on every hard drive entered.
Researchers estimate that Ryuk is responsible for one-third of all ransomware attacks worldwide by 2020. According to the FBI, Ryuk has raised $ 61 million in BTC since its launch in 2018. Ransomware attacks have also gotten used to target police stations and entire cities.
Security analyst Allan Liska of US cybersecurity firm Recorded Future described the criminal activity as coordinated. The attack’s design was to disrupt hospitals across the country. Liska added that although the attacks got carried out every week, the past week’s workouts had never happened before.
Charles Carmacal, senior vice president of cyber response firm Mandiant, said the Witch Spiders were among the most courageous, heartless, and destructive groups he had seen in his career.
“We Expect Panic”
The New York Times reports a leaked notification from the Wizard Spider intercepted by Hold Security. “We expect panic,” commented one hacker about the potential impact of the mass strike on US hospitals during the ongoing health crisis and presidential elections.
Hackers aim to store patient data as hostages on hospital servers and encrypt information until the payment of a bitcoin ransom. Furthermore, encrypting data makes it nearly impossible for medical staff to access patient records effectively and manage care effectively.
Hold Security estimates more than 400 hospitals are at risk because of the list the Witch Spider intercepted. The security firm informed the FBI that the organization claimed to affect 30 hospitals.
On October 29, the FBI, Department of Homeland Security, and Department of Health and Human Services confirmed the threat was “credible” and advised hospitals to take steps to secure their systems. They said they were sharing the information to warn healthcare providers. It was in a bid for all to take timely and reasonable precautions to protect their networks from these threats.