North Korean Government Hackers Target Health Services with Ransomware, U.S. Agencies Warn

United States government agencies warned on July 6 that North Korean government-backed hackers have targeted several health organizations with ransomware in the past year.

In its joint advisory, the Federal Bureau of Investigation, the Treasury Department, and the Cybersecurity and Infrastructure Security Agency said that the hackers have used ransomware called Maui to infect U.S. hospitals and other health services since May 2021.

Ransomware is a type of malicious code hackers use to encrypt computer networks and lock computer files.

“North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services — including electronic health records services, diagnostics services, imaging services, and intranet services,” the U.S. agencies said.

According to U.S. agencies, the hackers, in some cases, disrupted health services for “prolonged periods.”

The U.S. agencies did not name the health organizations affected by the ransomware cyberattacks.

The Health Information Sharing and Analysis Center, a cyber threat sharing group for big health care providers around the world, did not identify any of its members as victims.

“I would imagine the victims were smaller organizations and not prepared to handle a ransomware attack,” the group’s Chief Security Officer Errol Weiss told CNN.

The U.S. agencies urged health services to increase their cybersecurity and to report to the authorities if such an incident occurs.

© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.