Cyberterrorists Targeting U.S. Hospitals, Healthcare Organizations

Federal law enforcement and health agencies have issued a warning that a ransomware group with ties to Russia has encouraged its affiliates to target American hospitals and the healthcare industry in general for attacks. Successful attacks have taken place this week at hospitals in Nebraska and a large healthcare group that has disrupted prescription service for patients.

The group ALPHV Blackcat uses advanced social engineering techniques to research companies it wants as potential victims, according to a warning from the FBI, the U.S. Department of Health and Social Services (HHS) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Posing as IT staff from a company, they then dupe other employees to divulge their confidential credentials. Finally, they live-chat with leaders of the organizations to convey their demands for money in exchange for restoring the company files they’ve encrypted.

Healthcare agencies who have been compromised or the victim of an attempted phishing or spoofing incident should contact CISA at [email protected] or 888-282-0870. Read more about ALPHV Blackcat’s tactics and what to do about them in the FBI-HHS-CISA’s joint ransomware advisory issued this week. OSM