6 hospital ransomware attacks in 24 hours prompts US advisory: 8 things to know

Ryuk ransomware hit at least six U.S. hospitals in 24 hours this week, prompting the federal government to warn healthcare providers about the threat, according to The Washington Post.

Eight things to know:

1. The ransomware attacks began on Oct. 26 and have hit hospitals from New York to California. The FBI, the HHS and the Cyber Security and Infrastructure Security Agency under the Department of Homeland Security said there was "credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers" in their Oct. 28 joint advisory.

2. The federal government did not release the names of the hospitals, but Klamath Falls, Ore.-based Sky Lakes Medical Center and St. Lawrence Health System in Upstate New York self-identified as victims of ransomware attacks Oct. 27.

3. The New York Times reported that a list of more than 400 targeted hospitals has been circulating among the Russian hackers, who claimed to have infected more than 30 hospitals on the list already.

4. The ransomware is often distributed by Trickbot, according to the article. In recent weeks, Microsoft reported taking down Trickbot servers through federal court orders with the goal of preempting ransomware attacks, but the Trickbot infrastructure has since changed.

5. The hackers have demanded more than $1 million from the unnamed hospitals and in one instance demanded the equivalent of $5 million in Bitcoin from a private clinic. The hackers are known to set the ransom at 10 percent of the organization's annual income, according to The Times.

6. Some hospitals have paid the ransom to unlock their systems, according to The Post.

7. The federal government told hospitals and healthcare providers to boost protection networks, ensure software updates are made, back up data and monitor access to their systems closely, according to NPR.

8. Hospitals typically take their IT systems offline when ransomware is identified and revert to downtime protocols, which include paper records. In some instances, hospitals have diverted ambulances during the downtime and postponed elective procedures and services.

To learn more about Ryuk and ransomware mitigation steps, click here.

 

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars