Amid pandemic, hospitals warned of 'credible' and 'imminent' cyberthreat
By LUKE BARR, ABC News
(NEW YORK) — The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and Department of Health and Human Services (HHS) are warning of an upcoming ransomware attack on hospitals.
“CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats,” a warning from the agencies said.
The agencies say that the malware “Trickbot” is the primary method used to attack hospitals.
According to the technology firm ForcePoint, malware is “short for malicious software, malware typically consists of code developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network.”
According to the firm, the attacks usually start in the form of a suspicious email.
“CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services,” they say.
The agencies said that because of the targeted nature of these attacks, hospital workers should be on alert for phishing scams and ransomware attacks.
Best practices include patching networks, changing passwords and multifactor authentication. The three agencies also said hospital systems should be prepared and should have a risk mitigation plan that can easily be activated.
In September, one of the country’s largest hospital chains said that all 250 of its locations had been hit with a ransomware attack.
United Health Services said that it “have had no indication that any patient or employee data was accessed, copied or misused.”
Copyright © 2020, ABC Audio. All rights reserved.