Hospitals across the U.S. are bracing for aggressive cyberattacks that could threaten patient care amid a national rise in Covid-19 hospitalizations, after security companies and the federal government warned that Russian cybercriminals had already hobbled operations at several hospitals over the past week and were targeting hundreds of others.
The attackers have disrupted hospital systems in Vermont, New York, Oregon and elsewhere within the past few days, deploying a type of malware called ransomware that infects computers and locks up systems until the victims pay a ransom, according to security analysts.
Government agencies and cybersecurity companies warn the potential damage amid rapidly rising coronavirus cases across the U.S. could have catastrophic consequences.
Ransomware attacks have hit hospital networks in the past, but the new surge of attacks reflects a disturbing change of tactics from a particularly effective ransomware group, said Charles Carmakal, chief technology officer at the U.S.-based cybersecurity firm Mandiant, which has worked with some of the affected hospitals.
“Most threat actors, they’re explicitly not looking to hit hospitals,” Mr. Carmakal said. “This group in particular has explicitly stated that they’re going to hit hospitals and they’ve proven it.”
