State-sponsored North Korean hackers have been using ransomware to target America’s healthcare providers since May 2021.
The FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury have issued a joint advisory warning healthcare organizations about the threat.
‘The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health,’ they said.
According to the advisory, ransomware called Maui has been used to encrypt healthcare organizations’ computers and then demand payment from the victims to get their networks unlocked.
The attackers have locked up healthcare providers’ electronic health records services, diagnostics services, imaging services and intranet services, among others. In some cases, the attacks kept the providers out of their systems and disrupted the services they provide for prolonged periods.
The agencies’ warning contains information about Maui, including its indicators of compromise and the techniques used by the hackers.
The malware is manually executed by a remote actor once it’s in the victim’s network.
The agencies ‘highly discourage’ paying the ransom, since that doesn’t ensure that the hackers will give back access to the files and suspect that the attackers will most likely continue targeting healthcare organizations.
Healthcare providers have been urged to employ mitigation techniques and to prepare for future ransomware attacks by installing software updates, maintaining offline backups of data and preparing a basic cyber incident response plan.
A United Nations report from February said North Korea’s missile programme was funded through stolen cryptocurrency by state-sponsored hackers.
Healthcare providers are a prime target for hackers with human lives at stake. In May, the Russian hacking group, Killnet, threatened to shut down UK hospital ventilators in retaliation for the arrest of an alleged member.
Source: Read Full Article