WASHINGTON – MARCH 9: The seal of the F.B.I. hangs in the Flag Room at the office’s headquarters… [+] March 9, 2007 in Washington, DC. FBI Director Robert Mueller responded to a Justice Department inspector general report that concluded the FBI had committed 22 violations in its collection of information through the use of national security letters. The letters, which the audit estimated at 47,000 in 2005, allow the agency to collect information such as phone, bank and email records without a court-approved subpoena. (Photo by Chip Somodevilla/Getty Images)
The US Department of Justice (DOJ) announced this week that around $500,000 worth of BitcoinBTC
has been seized from North Korean threat actors who were using the Maui ransomware to attack healthcare organizations in the United States. The DOJ filed a complaint in the District of Kansas asking for the restitution of confiscated Bitcoin to victims of the attacks who were healthcare providers in Kansas and Colorado.
The attacks caused major disruption to IT systems and medical services and put patient safety at risk. The new ransomware variant was discovered during an investigation of a ransomware attack on a Kansas hospital in May 2021. The Kansas vendor had alerted the FBI when the ransomware occurred. As a result, the FBI was able to observe a $120,000 bitcoin payment to one of the seized accounts that was being paid for separately by the Colorado healthcare provider.
Young Asian man frustrated, confused and having a headache from ransomware attack on desktop screen, notebook … [+] and internet security, cyber attack and smartphone concepts
The attack was attributed to a North Korean hacking group suspected of receiving support from the DPRK. The Kansas hospital had its servers encrypted, preventing access to essential computer systems for more than a week. The hospital paid a ransom of $100,000 for the keys to decrypt files and regain access to its servers, and immediately.
While Ransomware Is A New Phenomenon, Healthcare Organizations Are Most Vulnerable
“Thanks to prompt reports and the cooperation of a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying ransomware known as ‘Maui,'” the agency said today. Assistant Attorney General Lisa O. Read also : Supporting LGBTQ+ Mental Health Workers. Monaco at the International Conference on Cybersecurity. Treasury, the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint alert on July 6 regarding Maui and the attack on health care providers.
The number of ransomware attacks on healthcare organizations increased 94% from 2021 to 2022, according to a report from cybersecurity firm Sophos. More than two-thirds of healthcare organizations in the US said they had experienced a ransomware attack in 2021, according to the study, up from 34% in 2020.
In October 2020, the FBI, CISA, and the US Department of Health and Human Services issued a joint alert saying there was “…credible information of a growing and imminent cybercrime threat to hospitals and health care providers. US Health Care CISA, FBI, and HHS are sharing this information to alert health care providers and ensure they take timely and reasonable precautions to protect their networks from these threats.”
The DHHS describes on its website how a hospital is closed as a result of a ransomware attack.
In a section of the CISA website, the organization explains part of the problem. “Health information technology provides critical life-saving functions and consists of networked systems that take advantage of wireless technologies, which in turn makes such systems more vulnerable to cyberattacks,” states CISA on vulnerabilities health care and the public sector.
Targeting healthcare providers is also motivated to expose sensitive patient information and incur substantial financial costs to regain control of hospital systems and patient data. According to Experian, healthcare data is extremely lucrative with records costing $1,000 per record, which is substantially higher than credit card reports costing $5-$10 a piece on the dark market.
