Hospitals fight all kinds of viruses.
Computer scientists are no exception.
The FBI, the Department of Health and Human Services (HHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have warned of a threat of cyber attacks against hospitals and healthcare providers. medical care in the United States.
Ransomware
-
type attacks
- a computer virus that locks computers and data on a system until a ransom is paid - have occurred in New York, Oregon and California, Reuters has confirmed.
"This is an imminent and growing threat of cybercrime for hospitals and healthcare providers in the country," CISA warned through social networks.
However, none have specified exactly how many health facilities have been affected or who are allegedly responsible for the attacks.
HHS sources have said the attacks could be linked to "Russian criminal groups" and several cybersecurity experts consulted by
Reuters
point to a specific group: UNC1878.
UNC1878 and the Ryuk
"UNC1878 is one of the most blatant, ruthless and disruptive threat actors that I have seen in my career,"
Charles Carmakal, senior vice president of the US cyber incident response firm Mandiant
, told
Reuters
.
This group of cybercriminals is one of the best known in cybersecurity circles.
They share the limelight with other
powerful
hacker
groups
, such as the Syrian Electronic Army - known for attacking the pages of world leaders on Facebook and Twitter, such as Barack Obama or Nicolas Sarkozy - and the most famous, Anonymous - active worldwide and known for hacking. the Pentagon and companies like MasterCard, Visa and PayPal.
The direct involvement of UNC1878 has not been confirmed by any official US government channel.
But what is proven is that the type of
ransomware
used to attack hospitals is known as
Ryuk
.
This computer virus is young.
It hit the market in 2018, but in just two years it has cost companies and institutions at least 10 million dollars (8.5 million euros) in ransom payments, as reported by multiple specialized cybersecurity media.
This computer virus is capable of locking down the victim's system until payment for the data ransom has been received.
The latest research on Ryuk published a few days ago by the cybersecurity company SonicWall Capture Labs, has revealed that this type of
ransomware
is "responsible for a third of all cyberattacks in 2020" and that there has been a 40% increase in Its use.
"The increase in the remote and mobile workforce appears to have increased the prevalence of Ryuk, which not only generates financial losses, but also affects health services with attacks on hospitals," says the vice president of platform architecture in the report. from SonicWall, Dmitriy Ayrapetov.
Double fight: ransomware and covid-19
How much does the Ryuk affect a hospital?
A lot.
In fact, experts and medical staff alike have revealed that
ransomware
attacks
often “shut down hospital computer systems, often forcing them to turn to pencil-and-paper graphics and sometimes blocking them from the systems they need to do it. run tests on patients ”.
In addition, as a result of the coronavirus pandemic, hospitals have also become a "key" target for cybercriminals, according to the sources consulted, since, given their condition, they are more likely to pay for the ransom due to the sensitive information and the vulnerability of your patients.
But the pandemic has also opened a gap for cybercriminals to target not only hospitals, but also homes.
According to the latest report by the cybersecurity company Check Point, the rise of teleworking is linked to
ransomware
attacks
,
which have increased by 160% in Spain in the last three months.
Spain, which leads the European ranking, is followed by Germany, with an increase of 145% and, far behind, the United Kingdom (80%) and France (36%).
The Spanish figure is well above the global average, which in these months has seen these attacks grow by 50% compared to the first half of the year.
Checkpoint has warned, through a statement that "organizations around the world are in the midst of a massive wave of
ransomware
attacks
" because companies that focused all their efforts on establishing remote work infrastructures did not do so by applying the best security measures.
You can follow EL PAÍS TECNOLOGÍA RETINA on Facebook, Twitter, Instagram or subscribe here to our Newsletter.
