Keeping you up to date on trends, emerging exposures and other critical issues.

Hospitals Facing Ransomware Amid COVID

Medical team walking down hallway at the hospitalAmid the COVID pandemic and surge in cases, multiple US hospitals are facing another crisis in the form of cyber-attacks. Being the valuable targets, they are, they have been on the radar almost since day one.

The NSA and CIA have released a warning about increased cyber-attacks against hospitals and other medical practitioners. "CISA, FBI, and (the Department of Health and Human Services) have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers," the advisory stated. "CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats." In recent weeks, there have been two hospitals that have confirmed attacks, at St. Lawrence Health Systems in New York and Sky Lake Medical Center in Oregon, while the University of Vermont systems have had their systems slowed and are considering an attack a possibility.

While these are verified attacks, there are other systems that may have been breached. Manidant, a cyber security company, identified three attacks on October 27th and at least 1 on the 28th. Meanwhile, Allan Liska, an intelligence analyst for the firm Recorded Future, told CNN that his company knows of at least six attacks in the last 24 hours and "there are probably more." [1]

This coordinated assault on these healthcare systems comes as COVID cases begin to spike again in the US, forcing patients to go to other hospitals and health care providers. While healthcare is a big target, no one is safe from these hacks so it is important to be vigilant and review all cyber protocols.