December 3, 2023
North Koreans have used ransomware — a type of malicious computer code that locks computer files — to encrypt computer systems hosting electronic health records, diagnostic and imaging services, according to the FBI, the Treasury and the US Cyber ​​and Infrastructure Security Agency (CISA). in Advisor Urge healthcare organizations to enhance their cyber security.

It’s the latest indication that state-sponsored hackers from countries like North Korea and Iran are willing to spread ransomware against the health sector — a tactic often associated with non-state cybercriminals.

FBI Director Christopher Wray in June blamed Iranian government-backed hackers for a “vile” cyber attack on Boston Children’s Hospital last year, a claim Tehran denied. No ransomware was published in this case, but Iranian hackers were the subject of another US advisory on ransomware in the health sector in November.
Health care facilities have already had to get resources due to Covid-19 to deal with disruptive ransomware attacks throughout the pandemic. An IT official at a 100-bed hospital in Florida told CNN in January how he shut down the facility’s computer systems in January to prevent a ransomware attack from spreading throughout the hospital.

The fall of 2020 saw a wave of ransomware attacks on US hospitals from Russian-speaking cybercriminals, including one ransomware incident in October 2020 that forced the University of Vermont to delay chemotherapy appointments.

In its warning on Wednesday, US agencies on Wednesday did not mention which organizations are the victims of alleged North Korean hackers.

Errol Weiss, the group’s chief security officer, said the Health Information Exchange and Analysis Center, a group that shares cyber threats to major healthcare providers around the world, has not identified any of its members as victims.

“I would imagine the victims were smaller organizations and not prepared to deal with a ransomware attack,” Weiss told CNN.

North Korea has long refuted stereotypes of a tech-deprived country to build a formidable hacking force. The US government accused Pyongyang of developing the so-called WannaCry ransomware in 2017, which has spread to more than 200,000 devices in 150 countries. The accident cost the British National Health Service alone more than $100 million.

“Among its peers, North Korea is unique in its deep and effective involvement in cybercrime,” said John Holtquist, vice president of intelligence analysis at cybersecurity firm Mandiant. “Unlike other countries that may contract and negotiate with local criminals, North Korea is carrying out cybercrime directly, against targets around the world.”

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *