A government alert warns of an increased and imminent cybercrime threat against U.S. hospitals and healthcare providers.
Federal authorities are sounding the alarm on a cyber threat against U.S. hospitals and healthcare facilities.
According to an alert from the Cybersecurity & Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS), these agencies have credible information about an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. They believe that the goal is to spread the Ryuk ransomware for financial gain.
The same malware is believed to have been used against Universal Health Services in September.
According to a report from Wired, hospital personnel say that they have moved to an all-paper system due to the attack which has left patients being rerouted to other emergency departments and waiting for appointments and test results.
The attack was undertaken overnight in an effort to encrypt and lock down as many systems as possible. Screens at facilities in California, Florida, Texas, Arizona, and Washington D.C. were changed to display a ransom message, according to Bleeping Computer, which first reported the attack.
Bleeping Computer cites an expert who says that the attack likely originated through phishing and that four patients have died due to physicians having to wait for lab results to arrive via currier.
Oliver Noble, an encryption specialist with Nordlocker, says in a Medical Economics article that some of the things physicians and hospitals can do to keep their IT systems safe include: