Monday, September 13, 2021

AMERICAN HEALTHCARE CRISIS
Ransomware groups continue assault on healthcare orgs as COVID-19 infections increase

Ransomware groups have shown no signs of slowing down their assault on hospitals, seemingly ramping up attacks on healthcare institutions as dozens of countries deal with a new wave of COVID-19 infections thanks to the potent Delta variant.

© Image: Getty
Ambulances outside a hospital in Ireland.

Jonathan Greig 
ZDNet 

One of the newer ransomware groups, Vice Society, debuted in June and made a name for themselves by attacking multiple hospitals and leaking patient info. Cybersecurity researchers at Cisco Talos said Vice Society is known to be "quick to exploit new security vulnerabilities to help ransomware attacks" and frequently exploits Windows PrintNightmare vulnerabilities during attacks.
 


"As with other threat actors operating in the big-game hunting space, Vice Society operates a data leak site, which they use to publish data exfiltrated from victims who do not choose to pay their extortion demands," Cisco Talos explained last month.

Cybersecurity firm Dark Owl added that Vice Society is "assessed to be a possible spin-off of the Hello Kitty ransomware variant based on similarities in the techniques used for Linux system encryption." According to Black Fog, they were implicated in a ransomware attack on the Swiss city of Rolle in August. 

© Provided by ZDNet The Vice Society leak site. Cisco Talos

Multiple hospitals -- Eskenazi Health, Waikato DHB and Centre Hospitalier D'Arles -- have been featured on the criminal group's leak site. The group made waves this week by posting the data of Barlow Respiratory Hospital in California.

The hospital was attacked on August 27 but managed to avoid the worst, noting in a statement that "no patients were at risk of harm" and "hospital operations continued without interruption."

Barlow Respiratory Hospital told ZDNet that law enforcement was immediately notified once the hospital noticed the ransomware impacting some of its IT systems.

"Though we have taken extensive efforts to protect the privacy of our information, we learned that some data was removed from certain backup systems without authorization and has been published to a website where criminals post stolen data, also known as the 'dark web.' Our investigation into the incident and the data that was involved is ongoing," the hospital said in a statement.

"We will continue to work with law enforcement to assist in their investigation, and we are working diligently, with the assistance of a cybersecurity firm, to assess what information may have been involved in the incident. If necessary, we will notify the individuals whose information may have been involved, in accordance with applicable laws and regulations, in due course."

The attack on Barlow caused considerable outrage online considering the hospital's importance during the COVID-19 pandemic. But dozens of hospitals continue to come forward to say they have been hit with ransomware attacks.

Vice Society is far from the only ransomware group targeting hospitals and healthcare institutions.

The FBI released an alert about the Hive ransomware two weeks ago after the group took down a hospital system in Ohio and West Virginia last month, noting that they typically corrupt backups as well.

Hive has so far attacked at least 28 organizations, including Memorial Health System, which was hit with a ransomware attack on August 15.

Ransomware groups are also increasingly targeting hospitals because of the sensitive information they carry, including social security numbers and other personal data. Multiple hospitals in recent months have had to send letters out to patients admitting that sensitive data was accessed during attacks.

Simon Jelley, general manager at Veritas Technologies, called targeting healthcare organizations "particularly despicable."

"These criminals are literally putting people's lives in danger to turn a profit. The elderly, children and any others who require medical attention likely will not be able to get it as quickly and efficiently as they may need. At the same time, the hackers hold hospital systems and data prisoner," Jelley said.

"Not to mention that healthcare facilities are already struggling to keep up as COVID-19 cases surge once again in many places across the country. Preventing ransomware attacks is a noble effort, but as illustrated by the Memorial Health System attack and so many others like it in recent months, preparation for dealing with the aftermath of a successful attack is more important than ever."

Overwhelmed Kentucky hospitals fear the worst as federal Covid-19 assistance set to leave Frida

By Amir Vera and Lauren Clabby Moore, CNN 
© CNN St. Claire Regional Medical Center in Morehead, Kentucky.

A Covid-19 surge in Kentucky has led to so many patients at St. Claire Regional Medical Center that the workers are unsure how they'll handle the growing numbers when a medical team sent by the federal government leaves Friday.

The Morehead hospital, about 65 miles east of Lexington, is one of the hardest-hit due to the influx of Covid-19 patients. It's the largest health care facility serving 11 counties in rural northeastern Kentucky and -- as of last week -- was at 130% above capacity, according to St. Claire Health Care CEO Donald Lloyd.

"The only reason we are holding this lifeboat together is I have a federal disaster medical assistance team here, 14 people who have just been heroes to us. And, unfortunately, their deployment is over on Friday," Dr. William Melah, the chief medical officer for St. Claire Health Care, told CNN's Kate Bolduan on Monday. "I'm going to lose 14 health care professionals, and I literally have no idea what we're going to do on Friday."

Gov. Andy Beshear said during a Covid-19 briefing Monday that hospitals in Kentucky are "struggling more today than at any other point during the pandemic." Because of this, Beshear said about 400 National Guard troops will be deployed across 25 hospitals in the state.

"This is, I think, the largest deployment for a health care crisis in our commonwealth's history," Beshear said. "Every hospital that they go to not only talk about how it's a morale boost, but it truly helps in the operation and it allows them to provide more care to more patients."

An "army of nursing students" is also being sent all over the state, the governor said.

At St. Claire, there are currently five EMS teams and one medical team from the Federal Emergency Management Agency, Beshear said.

"We will continue look for any other way we can help," Beshear said.

While the hospital is holding on by a thread, Melah assured the community St. Claire would not turn anyone away.

"We're gonna have to... (I) don't know what we're going to do," he said. "I really don't feel like answering that question right now because it is so disturbing."

Last week, the situation at St. Claire was so bad that some non-Covid patients were waiting 24 hours for care or until someone got better or died, Melah said.

As of Monday afternoon, Kentucky had more than 620,000 Covid-19 cases and more than 8,000 deaths, according to data from Johns Hopkins University. Roughly 50% of the state's population is vaccinated.

Melah also emphasized that medical workers are not angry at patients, but rather those who have manipulated them into thinking the vaccines aren't safe or that they're more dangerous than being infected with Covid-19.

"They hear that from experts, they hear from politicians and from social media. And we're not here to be angry with them," Melah said. "There's actually one enemy and only one thing to be angry about and that is coronavirus. That's the real enemy. And we're at war with coronavirus."


No comments:

Post a Comment