Advisories: “Brazen” Russian ransomware hackers target hundreds of US hospitals
The threat comes as virus cases spike and the election nears the final stretch. …
reader comments
128 with 72 posters participating
Russian hackers are targeting hundreds of US hospitals and healthcare providers just as the coronavirus is making a comeback and the US presidential election is in its final stretch, officials from three government agencies and the private sector are warning.
The hackers typically use the TrickBot network of infected computers to penetrate the organizations and after further burrowing into their networks deploy Ryuk, a particularly aggressive piece of ransomware, a joint advisory published by the FBI, Health and Human Services, and the Cybersecurity & Infrastructure Security agency said.
“CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers,” Wednesday evening’s advisory stated. “CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.”
Security firm Mandiant said much the same in its own notice, which provided indicators of compromise that targeted organizations can use to determine if they were under attack.
Mandiant Senior VP and CTO Charles Carmakal said in an email to reporters that the targeting was “the most significant cyber security threat we’ve ever seen in the United States.” He went on to describe the Russian hacking group behind the plans as “one of the most brazen, heartless, and disruptive threat actors I’ve observed over my career.” Already several hospitals have come under attack in the past few days, he said.
Crossing lines
“The intention by the threat actor is to hit hundreds
Continue reading – Article source