Posted on 10/29/2020 3:04:51 PM PDT by ransomnote
Federal agencies warned that cybercriminals are unleashing a wave of data-scrambling extortion attempts against the U.S. healthcare system designed to lock up hospital information systems, which could hurt patient care just as nationwide cases of COVID-19 are spiking.
In a joint alert Wednesday, the FBI and two federal agencies warned that they had "credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers." The alert said malicious groups are targeting the sector with attacks that produce "data theft and disruption of healthcare services."
The cyberattacks involve ransomware, which scrambles data into gibberish that can only be unlocked with software keys provided once targets pay up. Independent security experts say it has already hobbled at least five U.S. hospitals this week and could impact hundreds more.
The offensive by a Russian-speaking criminal gang coincides with the U.S. presidential election, although there is no immediate indication they were motivated by anything but profit.
"We are experiencing the most significant cyber security threat we've ever seen in the United States," Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement.
MORE AT LINK
(Excerpt) Read more at cbsnews.com ...
I would have the DOJ charge the perps with attempted murder or murder, in addition to the hacking charges, when they catch them.
Our IT people shut down all our computers yesterday afternoon at a major health care provider in NC. Working from home, my VPN connection was lost suddenly. Fortunately I had saved my work about 5 minutes beforehand. Got up to let the dog out, came back and sat down, started to open up another program and ‘poof’...
We have extensive security but it’s more than just backing up. We can’t risk any data compromise
“Make sure you have good backups and this will not be a problem.”
A good ransomeware attack waits for days...or weeks...after infection to execute to ensure all backups are infected too.
If properly executed, there’s no way out.
The files are either infected or they are not.
If the files were altered the date/time stamp would be altered.
I have recovered networks that were hit by ramsomeware.
Without good backups you are done.
Probably the FBI doing it. Who trusts the FBI anymore? I sure do not.
Or chaos.
Corrupted files can be backed up and stored.
Keeping systems patched, Effective anti-virus, proper user permissions and user training mitigate the threat and or the damage.
Its also simple enough to setup a honeypot directory on the main shares and write a script to monitor/shutdown/notify IT if any user accounts alter one of these files.
“Keeping systems patched, Effective anti-virus, proper user permissions and user training mitigate the threat and or the damage.”
The simplest of things, which every enterprise fails at.
The only exception I have seen is Intel.
Impervious.
“The simplest of things, which every enterprise fails at.”
Overworked Sysadmins and narrow windows to update are what criminals feast on.
No system is invulnerable, but its the law of averages. The system that is 90% patched is going to have many less problems than the system that is 20% patched.
And you better have good backups with forever tapes in the mix.
Most people just back up their data, thinking it cheap and easy...meets all audit requirements.
Then they cannot restore their platforms/applications when everything goes tits up. Because they never actually ran a real-world failure test. And have no real-world experience...even though they’ve been in IT for a decade or more.
I’ve seen dozens of examples. It crushes them.
Hate to have to tell you this but I work in a hospital in NJ. We’re seeing a Covid spike.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.