Feds Warn of 'Imminent' Cyberattacks on U.S. Hospitals

As if the rampant underfunding and overcrowding weren’t enough for hospitals to deal with during the current pandemic, apparently they need to grapple with ransomware, too. In an advisory memo released last night, federal officials warned of an “increased and imminent cybercrime threat” to hospitals and healthcare providers across the country.

The memo, a joint effort between the Federal Bureau of Investigation, the Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency, does not share why exactly hospitals—which have long been a popular target for cybercriminals—are at increased risk now, though it does plainly state that the attacks are intended for financial gain. With the U.S.’s Covid numbers hitting record highs as the weather turns cold, the timing is inopportune, to put it lightly.

Per the notice, one of the ways bad actors weave their way into a hospital’s IT systems is through Trickbot, a particularly nasty trojan that specializes in hijacking web browsers and pulling their credentials, and then using the infected machines as part of a botnet. Earlier this month, Microsoft disabled command and control servers behind Trickbot, which the company estimated took around 1 million infected machines out of action.

These trojans can be used in conjunction with a popular strain of ransomware called Ryuk that’s built to hold entire networks hostage via encryption until the owner of said network coughs up some cash. In the past, we’ve seen city officials, oil companies, and multiple hospitals get held up for hundreds of thousands of dollars at a time. Earlier this year, cybersecurity analysts estimated that the demands of the average Ryuk attack spiked to roughly $1.3 million apiece.

A doctor at one of the recently besieged hospitals told Reuters that their facility was forced to shift its operations to pen-and-paper following an attack. While that might suffice for basic day-to-day monitoring, the doctor explained that this analog approach didn’t allow them to update the patient files that they had on hand. Keeping these records updated and available is important during normal times; during a pandemic it’s crucial.

Even if these hospitals can afford it, the agencies don’t recommend paying off these ransoms. “Payment does not guarantee files will be recovered,” the notice explains. “It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities.”

Instead, the best advice these agencies offer hospitals is the same advice any cybersecurity-minded person might give: keep your systems up to date, change passwords often, use multi-factor authentication, regularly back up your data, make local, offline copies of that data if you can, and teach yourself how to suss out what the average phishing scam looks like.

I cover the business of data for Gizmodo. Send your worst tips to swodinsky@gizmodo.com.

DISCUSSION

A place I used to work for that was a chain of several big not-for-profit hospitals got hit hard by ransomware. They wound up having to shell out the bitcoin to get their data back. Can’t remember if it was $40k or $75k, but paying the criminals was basically their only option.

Then when the FBI was questioning the company about their IT infrastructure and the amount of money put towards cyber security... well, it’s a wonder they didn’t shut the company down. Part of the reason I left that place. The top 3 execs in the company were getting paid insane amounts, and they thought that I.T. cost too much, so the budget for I.T. was always like maybe 40% of what it should be. They also repeatedly tried to outsource the hospitals’ I.T. to professional outsourcing companies, only for those companies to back out after months of negotiations when they realized there was no way in hell they could do the job cheaper.

Oh, the stories I could tell about the corruption there.