CISA (Cybersecurity & Infrastructure Security Agency), the Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) jointly released a cybersecurity advisory on October 28, 2020 warning of an imminent cybercrime threat to healthcare providers. Since the original release, the warning has been revised to include additional information. The advisory, Alert (AA20-302A) can be found here.
Authorities have claimed this to be one of the most significant cybersecurity threats “…we have ever seen in the United States.” This attack represents the latest salvo against hospitals which have been the hardest hit with ransomware attacks. In a ransomware attack, critical data is encrypted, rendering it not usable, until a ransom is paid. Most hospitals are eager to get back up and running, working hard to minimize the impact to patient care, so they are sometimes more likely to pay the ransom than other targeted businesses.
Cyber attacks targeting patient data systems, like Electronic Health Records, on average, cause 15 days of patient data system disruption. In some cases, clinicians were without system access for much longer. For example, the Universal Health Services attack, that we summarized and posted recently, left hospital crew without access to patient data for more than three weeks.
Cybercrime threat to healthcare providers, costs our healthcare system tens of millions of dollars annually. A typical ransom could be several hundred thousand dollars, while some have been more than $5 million.
We highly recommend reviewing the published alert as it contains technical details about the threat, as well as details about how the malware replicates, including which files to be on the lookout for and various attack techniques.
In addition to the publicly available resources, Vigilant Ops is here to help protect your deployed medical devices, and we are available for a free cybersecurity consultation anytime. Please reach out using any of the contact information below.