FBI warns medical institutions of ransomware threats and is on high alert

On October 28, 2020, the medical system of a hospital in Oregon, USA, went down due to a ransomware attack. The FBI and the US Department of Homeland Security (DHS) are calling on medical institutions to be on the alert as further ransomware attacks by cybercriminal organizations are expected.

Building wave of ransomware attacks strike US hospitals | Reuters
https://www.reuters.com/article/us-usa-healthcare-cyber-idUSKBN27D35U

FBI, DHS Warn Hospitals of'Credible Threat' from Hackers --Bloomberg
https://www.bloomberg.com/news/articles/2020-10-28/us-hospitals-hit-by-coordinated-ransomware-attack-firm-says

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against US Hospitals — Krebs on Security
https://krebsonsecurity.com/2020/10/fbi-dhs-hhs-warn-of-imminent-credible-ransomware-threat-against-us-hospitals/

'Today, our hospital was hit by ransomware and the medical system was compromised,' the Sky Lakes Medical Center in Klamath Falls, Oregon reported on Facebook on the 28th. According to the hospital, no leakage of patient information has been confirmed, and although medical examinations, acceptance of emergency patients, and operation of pharmacies are continuing, communication is still congested due to attacks. ..

A doctor at Skylakes Medical Center, who was interviewed by Reuters on condition of anonymity, said about the situation of the attack, 'After the attack, the facility is functioning on paper, and the nearest facility is too far away to transport patients. There are some cases where we can't do it. We are still able to see the patient's condition and process images with medical devices, but we are seeing all these results on paper. '

Charles Carmakal, chief technology officer of cybersecurity company FireEye, told Bloomberg that the attack was carried out by UNC1878, an Eastern European-based cybercriminal organization. The attack was also through two types of malware, Ryuk and Trickbot , according to two cybersecurity consultants interviewed by Reuters.

In addition, several media outlets such as Reuters and Bloomberg said on the 28th, 'Several federal authorities such as the FBI and DHS said,'The threat of cybercrime to hospitals and healthcare providers in the United States will increase, which is urgent and accurate. I warned medical institutions and cyber researchers about 'information'. ' According to the cybersecurity blog KrebsOnSecurity, there is information that hundreds of more medical institutions are being prepared for attacks in the future.

Against the backdrop of increasing risk of ransomware attacks, FBI and other authorities have held a conference call with medical institutions. In it, he said, 'Make sure that the backup system is normal, refrain from using personal email addresses, etc., and disconnect the system from the Internet if possible,' and called for caution.

'There is no information so far that hundreds of medical institutions have announced ransomware incidents, but several hospitals have already been affected by ransomware in the last few days,' KrebsOnSecurity said. ..