A Fourth Estate® Service

Thursday, March 4, 2021

US Hospitals Targeted by Russian Hackers as Elections Draw Near

The US Cybersecurity & Infrastructure Security Agency (CISA) has released a joint advisory regarding Russian hackers targeting US healthcare systems as elections draw near.

The US  Cybersecurity & Infrastructure Security Agency (CISA) has released a joint advisory regarding Russian hackers targeting US healthcare systems as elections draw near. 

The CISA, along with the FBI andHealth and Human Services warned of hackers using the TrickBot network of infected computers and BazarLoader to penetrate the networks of healthcare providers in order to deploy the Ryuk ransomware.

“CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats,” said the joint advisory.

CISA explained that TrickBot operators a full suite of tools to conduct credential harvesting, mail exfiltration, crypto mining, point-of-sale data exfiltration, and the deployment of ransomware, such as Ryuk and Conti.

The advisory also explained that the BazarLoader suite works similarly and could be used to deploy Ryuk but uses phishing to compromise its victims. 

Universal Health Services, a hospital health care service company based in Pennsylvania; St. Lawrence Health Systems in New York; and the Sky Lakes Medical Center in Oregon have all reported infections this month.

The joint advisory advised health organizations to seek help from the FBI after identifying possible breaches or infections.

Article © 2021 Fourth Estate® — All rights reserved.
This material may not be published, broadcast, rewritten or redistributed.

Recent Articles

Get the Daily NewsBrief in your inbox

Related Stories