Medical institutions must strengthen security protocols to avoid cyberattacks from North Korean state-backed actors and avoid paying ransoms to prevent U.S. government sanctions. Joint consultation released Wednesday From CISA, FBI and Treasury.
North Korean state-backed cyber attackers have been using Maui ransomware to target healthcare organizations since at least May 2021, U.S. government agencies have warned. The announcement did not list any specific organizations affected.
Last summer, the FBI successfully blocked a cyberattack on Boston Children’s Hospital by Iranian state-sponsored actors, revealing a potential threat to the healthcare company.
Previous cyberattacks from North Korean-backed actors, WannaCry cyber attackwhich paralyzed the NHS and several hospitals in the UK for days.
The announcement further underscores the looming threat to healthcare organizations.
“The risk of ransomware has been skyrocketing, both in volume and in the danger of the type of attack,” said Fredric D. Bellamy of Dickinson Wright, who represents companies affected by cyberattacks.
Bellamy pointed to the risk of cooperating with cyber attackers by paying ransoms with a range of consequences, including sanctions from the U.S. government.
“One of the important points in the announcement is that companies will be subject to U.S. government sanctions if they pay ransoms to hackers sponsored by certain hostile countries, such as North Korea,” Bellamy said.
He suggested that victims should cooperate with the FBI to respond to the attack and avoid sanctions.
According to the announcement, North Korean cyber attackers targeted health services related to electronic health records, diagnostic services, imaging services, and intranet services.
The agencies urged healthcare organizations to strengthen security measures such as: training users to recognize and report phishing attempts, enabling multi-factor authentication, and installing and regularly updating antivirus software.
The FBI also discourages ransom payments. “Payment does not guarantee that files will be recovered, and may encourage adversaries to target other organizations, encourage other criminals to participate in distributing ransomware and/or funding illegal activities,” the agencies said.
April, a Cyber Security Report Abnormal Security from San Francisco has tracked the increase in cyber threats and found that the healthcare industry has a 68.9% chance of receiving a commercial email breach every week.
Photo: Valery Brozhensky, Getty Images
