While fighting a surge of new coronavirus infections in many parts of the country, healthcare providers must also be prepared to defend against ransomware. On October 28, 2020, the FBI, the U.S. Department of Health and Human Services (HHS), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint alert warning of “credible information of an increased and imminent” cybercrime threat to U.S. hospitals and healthcare providers. Cybercriminals are using Trickbot malware to infect the IT systems of health systems and providers with Ryuk ransomware.
The alert notes that responding to this threat will be particularly challenging for healthcare organizations during the COVID-19 pandemic, particularly those organizations currently experiencing surges in coronavirus cases. Further, the alert acknowledges the reality that organizations will have to balance the risk posed by the pandemic against this new cyber threat when determining cybersecurity investments.
According to reports, healthcare systems across the country have already been affected by this threat. In addition, there are likely organizations whose IT systems are infected with the Trickbot malware who do not yet realize it. The alert warns those organizations that have indicators of a Trickbot network compromise to immediately back up and secure sensitive or proprietary data, as the infection may be an indicator of imminent ransomware attack. Continue Reading