The US healthcare system is facing an “increased and imminent” threat of cyberattack, federal agencies have warned, with ransomware attempts designed to disable hospital information systems on the rise.
The FBI and other federal agencies warned that they had credible information of increased cyber threats to US hospitals and healthcare providers, according to a report by The Guardian. The alert said that a Russian-speaking criminal gang is targeting the healthcare industry with cyberattacks that produce “data theft and disruption of healthcare services.” Ransomware attacks crippled at least five US hospitals last week alone, The Guardian reported.
“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” Charles Carmakal, chief technical officer at cybersecurity firm Mandiant, said in a statement.
Hold Security has been tracking the ransomware in question for more than a year, according to The Guardian. Alex Holden, CEO of the company, said that the threat is unprecedented in magnitude for the US.
In September, a ransomware attack shut down systems at all 250 US facilities of hospital chain Universal Health Services. The attack forced medical workers to rely on paper for record-keeping and slowed lab work. Employees said the attack impeded patient care, spiked emergency-room waits, and caused the failure of wireless vital-signs monitoring equipment.
Holden told The Guardian that the cyber criminals were demanding ransoms in excess of $10 million per target, and that criminals on the dark web were discussing plans to attack more than 400 medical facilities.
“One of the comments from the bad guys is that they are expecting to cause panic – and no, they are not hitting election systems,” he said. “They are hitting where it hurts even more, and they know it.”