The FBI warned of cyber attack attempts against the US healthcare system that can lock up hospitals’ information and data systems, the Associated Press reported.
Such attacks could be detrimental to the US who’s in the midst of the COVID-19 pandemic with millions of cases.
The FBI, HHS, and CISA, reported they have ”credible information” of impending and increased cyberattacks against hospitals and healthcare providers.
Also, the federal agencies warned that the cyberattacks would focus on “data theft” and hampering health care services.
Moreover, the federal agencies shared they’re releasing the information to warn “healthcare providers” to protect “their networks” from such intrusions.
Federal agencies also included in their report practices to mitigate the risk from cyber attacks.
For example, maintaining offline, encrypted backups of data, and the creation of a “cyber incident response plan.”
Infiltrating the System Through a Ransomware
According to an American journalist, Brian Krebs, a reliable tip told him that a Russian cyber criminal gang launched the Ryuk ransomware to “more than 400” US healthcare facilities.
The warning from the federal agencies came in less than 24 hours after Krebs received a tip from Alex Holden.
CISA, in their report, said that Ryuk aims to “infect systems” for financial gain.
Holden is the founder of Hold Security, an information security company based in Milwaukee.
According to Krebs, Holden saw online conversations between cyber criminals linked with the Ryuk ransomware and their plans against the US healthcare system.
The AP reported that Holden has been “closely tracking the ransomware” for more than a year now.
Reported Attack on September
Last month, a major hospital chain, Universal Health Services, Inc, experienced a massive cyberattack.
The chain had no choice but to do everything offline for some time.
According to UHS, malware attacked its IT network forcing them to disconnect all of its systems and shut down the whole system for safety.
Later on, the UHS announced there are no signs any data was “accessed, copied or misused” during the cyber attack.