Hackers are Stepping Up Attacks on Health Care Systems with Ransomware

Cyber Threat

In the United States and other nations, hackers are speeding up attacks on health care networks with malware, posing new threats for patient care as the global coronavirus pandemic accelerates.

US authorities and security experts’ warnings illustrate a surge of cyberattacks on hospitals that are dealing with increasing infections of the virus.

The hazard was underlined by an unprecedented alert this week from the FBI to the Departments of Homeland Security and Health and Human Services.

The three agencies “have reliable intelligence for US hospitals and health care providers about an elevated and immediate cybercrime danger,” the warning released Wednesday said, calling on health systems to “take prompt and appropriate steps to defend their networks from these attacks.”

Several US hospitals attacked by ransomware have been cited by media outlets.

In a statement Thursday, one of them, the University of Vermont Medical Center, said it was collaborating with law enforcement on “a now verified cyberattack that targeted some of our processes” that had “variable consequences” on patient care.

Daniel dos Santos of Forescout, a cyber security company, said that cash-strapped medical facilities are especially tempting targets for hackers and that in the US and Britain, at least 400 hospitals have been targeted in recent weeks.

Hackers are mindful that because their services are vital, “health care is the most likely to pay the ransom,” dos Santos said, “Stopping services means people are actually going to die.”

“It would mean going back to pen and paper, which can cause massive slowdowns,” he said, with hospitals unwilling or unable to pay.

In a survey, Forescout said that while many hospitals have upgraded computer networks, most use a number of linked devices such as patient monitors or CT scanners that “act as the network’s weak links” because they relay data over hazardous channels.

“Dos Santos and fellow researchers said they found records on some three million US patients online in one indication of the problems looming,” unprotected and open to everyone who knows how to look for it, “the Forescout study said.

— Most Targeted–

Ransomware is a long-standing protection challenge and a common focus has been health care. Universal Health Care, which runs hospitals in the US and Britain, was disrupted by a September attack.

Yet security analysts warn that as the pandemic worsens, the attacks are accelerating.

Security company Check Point analysts said its study found that health care was the most attacked ransomware industry, with a 71 percent rise in attacks on US providers in October from a month ago.

Check Point said the number of ransomware attacks on hospitals in Asia, Europe and the Middle East has also risen dramatically. Globally, the company said that in the third quarter, ransomware attacks were up 50 percent compared with the first half of this year.

Many of the attacks use a ransomware strain known as Ryuk, which security experts suspect could be connected to cybercriminals from North Korea or Russia.

The US government cautioned that phishing attacks are targeting health institutions to gain access to the databases, with hackers using specialised technologies such as TrickBot software that can collect passwords and exfiltrate data.

“In early October, the Cyber Center of the Canadian Government released a related alert, warning of Ryuk ransomware” affecting various organisations, including local governments and Canadian and foreign public health and safety organisations.

“The issue of ransomware is increasingly worsening and a cure urgently needs to be sought,” said Brett Callow of Emsisoft, a security company.

“We agree that the remedy is a demand payment ban. Ransomware only persists because it is lucrative. Once the cash flow ceases, the attacks will cease and hospitals will no longer be at risk.”

Jennifer Thomas
Jennifer Thomas is the Co-founder and Chief Business Development Officer at Cybers Guards. Prior to that, She was responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services.