Imminent Cyber Threat to US Hospitals & Healthcare

Healthcare providers in the U.S have been given a warning from the FBI, DHS, and HHS in an attempt to give hospitals and healthcare providers a chance to take cybersecurity precautions against an imminent threat from a Russian cybercriminal gang. 

Communications between cybercriminals affiliated with Russian ransomware group, Ryuk, lead officials in the U.S to believe that Ryuk plans to deploy ransomware at more than 400 healthcare facilities in the U.S. WIZARD SPIDER is the Russian cybercriminal gang that operates Ryuk ransomware. Ryuk is used to specifically target enterprise environments, which is why WIZARD SPIDER is known for attacks on large organizations and high ransom returns.  

The Federal Bureau of investigation, the U.S. Department of Homeland Security, and the U.S. Department of Health and Human Services held a conference call with healthcare industry executives last week to share information and provide a warning, however the agencies reported no IoCs (indicators of compromise) with healthcare executives. 

More about this threat can be found here. 

Sophisticated cybercriminal gangs like this WIZARD SPIDER pose a cyber threat to industries across the U.S. but the healthcare industry has been their largest target. Healthcare suffers 3X more cyber attacks leading to data breaches than the next highest target, the financial industry. Hospitals and healthcare providers have felt the wrath of cyber attacks in 2020 and are often targeted due to the massive volumes of patient data and personal information that their systems hold. It is critical for the healthcare industry to implement cybersecurity plans and protocols. 

Some tips from NXTsoft to healthcare providers to protect against ransomware attacks: 

1. Perform regular backups and backup tests. Make sure that back ups are stored in a separate location that is not shared with other devices. This can be extremely crucial in the event of a ransomware attack because with important data and files properly backed up, you will be able to restore and avoid paying a ransom.
2. Update software and operating systems. With updates come corrections to weaknesses and vulnerabilities in software. Regularly updating and checking to make sure that your software is updated can help prevent and protect from cybersecurity attacks and data breaches.
3. Educate. Educating employees and staff on safe cybersecurity practices is pivotal in protecting hospitals and healthcare services from cyber breaches. Employees are where a breach is most likely to occur and implementing cybersecurity training can drastically decrease the chance of a breach via the fault of an employee.