Posted on 10/29/2020 3:04:51 PM PDT by ransomnote
Federal agencies warned that cybercriminals are unleashing a wave of data-scrambling extortion attempts against the U.S. healthcare system designed to lock up hospital information systems, which could hurt patient care just as nationwide cases of COVID-19 are spiking.
In a joint alert Wednesday, the FBI and two federal agencies warned that they had "credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers." The alert said malicious groups are targeting the sector with attacks that produce "data theft and disruption of healthcare services."
The cyberattacks involve ransomware, which scrambles data into gibberish that can only be unlocked with software keys provided once targets pay up. Independent security experts say it has already hobbled at least five U.S. hospitals this week and could impact hundreds more.
The offensive by a Russian-speaking criminal gang coincides with the U.S. presidential election, although there is no immediate indication they were motivated by anything but profit.
"We are experiencing the most significant cyber security threat we've ever seen in the United States," Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement.
MORE AT LINK
(Excerpt) Read more at cbsnews.com ...
You would be wrong. I work IT in a large hospital system. This is real
Who and what is the motive, in your opinion?
Wasn’t the Russians who hacked hospitals and government offices. It was the filthy Communist Chinese. But hey, saying it’s Russians allow for the Democrat nonsense against Trump to continue
Not sure I’d trust anything the FBI has to say. Totally corrupt as is the DOJ.
I do not know. But the threat is real and being taken very seriously
China.
I'm a network engineer and have been in the corporate IT world for over 25 years and 100% agree with you. I've had clients hit with ransomware over the years and they are getting more and more sophisticated.
I heard of this threat from a Secret Service agent.
Do you guys keep offsite backups? My company has had ransomware, but we restored from backup.
The new variants are targeting cloud storage. I know of a university that got hit hard where the ransomware stayed hidden and discovered where the backup storage was then corrupted backup then hit the main network.
The Communists are attacking on all fronts.
FBI: “We need to get focus off our malfeasance, so we’re going to ramsomware attack hospitals!”
I was a IT Project Manager under contract to a very large healthcare provider in Norcal.
My project was to patch/correct every server platform in the enterprise...over 20,000 of them...and provide “secure privileged access” for the various engineers who had to keep these platforms running and maintained. So that only these “privileged” persons could make changes.
The project spun out of a security audit that found, essentially, there was no security.
Policies were developed. Standard, secure configurations for all platforms. Audit schedules...the whole nine yards.
When the project kicked off immediately there was resistance and inertia from every single stakeholder. As the project stalled the CIO decided to change to definition of what “remediated” meant. The new definition meant that each individual platform owner agreed to perform their own remediation within 3 years. That was almost 2 years ago.
They fired me when I refused to falsify mitigation reports. Just like the PM that was there before me, and one that followed me.
Buddies still onsite assure me nothing has changed. The place is still an open book...would not pass even the most rudimentary security audit and 3rd parties are still granted remote, unsecured access.
Over 50,000 employees and over 10,000 beds.
CRIMINAL NEGLIGENCE!
You should whistleblow to HHS OCR who enforce HIPAA.
My wife got an update today about email and password security. (She works at a large group of hospitals.)
You know some knucklehead is going to click “that link.”
It’s ransomware. They hold your data hostage until you pay them $. I’m not a detective, but pretty sure that suggests the motive is $$$.
They really can’t keep up to the moment back ups of medical records like that. In a 200 bed hospital, the records are constantly getting updated. If it gets into the network it can impact the pharmacy and other systems. Reverting to paper for a couple of days would cause BIG problems.
The FBI is probably about to do it. They really should be defunded
Make sure you have good backups and this will not be a problem.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.