Ransomware attacks on U.S. hospitals are on the rise as coordinated cyber attacks attempt to infect entire networks for financial gain. Federal agents sent an urgent alert last Wednesday night to hospital and healthcare professionals urging all to take necessary cybersecurity precautions to protect their networks.
According to the FBI and the Department of Health and Human Services there is “credible information of an increased an imminent cybercrime threat to US hospitals and health care providers.”
Hackers are using Ryuk ransomware to encrypt the healthcare organization’s data and keep it locked up. You may recall that in late September, Universal Health Care Systems fell victim to Ryuk ransomware leaving them helpless to ensure patient care as their systems were down for several days. Ryuk is a type of crypto-ransomware that uses encryption to block access to a system, device or file until a ransom is paid. Ryuk is often dropped on a system by other malware, most notably Trickbot. Ryuk is difficult to detect as it’s often spread via other malware dropping into already existing infected systems.
Officials do not recommend paying the ransomware; no matter how little the fee is. Paying does not guarantee your data back, sets a precedence and it goes against information security laws.
“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” said Charles Carmakal, Mandiant’s chief technology officer, describing the group as “one of most brazen, heartless and disruptive threat actors I’ve observed over my career.”
The good news is – you can start protecting your data from ransomware. Endpoint Detection and Response (EDR), among other tools, can detect and alert you or your provider of fileless malware like Ryuk. Learn more about our EDR solution or schedule a HIPAA Compliance Gap Review with our cybersecurity experts today.