Over the past three weeks, nine US hospitals have been hit with ransomware attacks, crippling critical computer systems and demanding millions of dollars to get systems operational again.
The recent attacks have been linked to a Russian-based ransomware group known among some experts as UNC1878 and others as Wizard Spider who are apparently laying the groundwork for at least ten more hospital attacks. Attacks on the healthcare industry have been ongoing since at least September, the victims included Sky Lakes Medical centre in Oregon, where doctors are struggling to keep track of patient medications and other critical information that now has to be sorted by hand. Some of the other infected medical care facilities include hospitals in New Jersey, Georgia, Florida, Massachusetts, Texas and Arkansas.
The timing of the latest wave of attacks, coming as the U.S. nears 9 million coronavirus infections and hospitalizations surge, has unsettled security experts used to the ruthlessness of global cyber gangs. Over the last 48-hours, Prevailion (who initially linked the cyberattacks to the Russian group) has gained access to the communications that the Russian hackers are using to control computers inside U.S. hospitals, as well as other victims worldwide. That data shows that the hackers have infiltrated at least 440 organizations globally, including government agencies, pharmaceutical companies and universities.
As Covid cases have spiked across the US, so have the ransomware attacks on health care providers who have seen a 71% increase in ransomware attacks from just October to September. This has caused the US Government to issue a joint cybersecurity advisory to guide hospitals and other health care professionals who may be a target of malware attacks.
Last week the Department of Justice charged six current and former members of Russia's military intelligence agency for allegedly carrying out some of the most destructive cyberattacks on record, costing billions of dollars in damages over the past few years. Two days later the US Government warned that Russia had been targeting US government agencies and could be planning more severe attacks around election day.
For more information on cybersecurity and recent cyber attacks follow ADNS group today.