HAP's Latest News

Hackers Target Health Care with New Ransomware Threat

July 07, 2022

Three U.S. agencies are warning the health care sector to be on alert for a concerning ransomware threat from North Korea.

This week, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Treasury Department released a joint cybersecurity advisory to provide information on the Maui ransomware that has targeted health care organizations and led to the disruption of services for some health systems.

The agencies said this form of ransomware has been used since May 2021. It encrypts servers used for health care services, such as electronic health records services, diagnostics services, imaging services, and intranet services.

The cyber actors targeting the industry “likely assume health care organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health,” the advisory said.

“This malicious activity by North Korean state-sponsored cyber actors against the health care and public health sector poses a significant risk to organizations of all sizes,” said Eric Goldstein, CISA's executive assistant director for cybersecurity.

The agencies are urging the health care sector to follow prevention strategies to limit ransomware threats, including:

  • Installing updates for operating systems, software, and firmware as soon as they are released and regularly updating antivirus and antimalware software on all hosts
  • Securing and monitoring remote desktop protocol closely
  • Implementing user training programs and phishing exercises about cyber risks
  • Requiring multi-factor authentication for as many services as possible
  • Using strong passwords and avoiding reusing passwords
  • Requiring administrator credentials to install software

The full advisory includes additional insights about preparation, mitigation, and response to ransomware attacks. Additional federal resources about ransomware also are available.

For more information, contact Jason TomashunasMS, CHEP, HAP’s manager, emergency management.