July 07, 2022
Three U.S. agencies are warning the health care sector to be on alert for a concerning ransomware threat from North Korea.
This week, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Treasury Department released a joint cybersecurity advisory to provide information on the Maui ransomware that has targeted health care organizations and led to the disruption of services for some health systems.
The agencies said this form of ransomware has been used since May 2021. It encrypts servers used for health care services, such as electronic health records services, diagnostics services, imaging services, and intranet services.
The cyber actors targeting the industry “likely assume health care organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health,” the advisory said.
“This malicious activity by North Korean state-sponsored cyber actors against the health care and public health sector poses a significant risk to organizations of all sizes,” said Eric Goldstein, CISA's executive assistant director for cybersecurity.
The agencies are urging the health care sector to follow prevention strategies to limit ransomware threats, including:
The full advisory includes additional insights about preparation, mitigation, and response to ransomware attacks. Additional federal resources about ransomware also are available.
For more information, contact Jason Tomashunas, MS, CHEP, HAP’s manager, emergency management.
Tags: Emergency Preparedness | Health IT
Click on topic below for category-specific news articles.
Support a healthier Pennsylvania.