Cybersecurity

US Hospitals Under Pressure as Cyberattacks Compared to 9/11

Recent Cyberattacks Compared to 9/11 Attacks

Cyberattacks remained under the radar of many Americans — until recently.

Since the 9/11 attacks, the US has often focused on the challenges from terrorism rather than the mounting digital war being waged on businesses and agencies of all types and all sizes. Now, ransomware attacks are shifting our focus.

FBI Director, Christopher Wray told the Wall Street Journal that the agency is investigating about 100 different types of ransomware, many tracing back to hackers in Russia. Wray compared the current spate of cyberattacks with the scale and challenge posed by the Sept. 11, 2001, terrorist attacks.

“There are a lot of parallels, there’s a lot of importance, and a lot of focus by us on disruption and prevention,” Mr. Wray said in an interview Thursday. “There’s a shared responsibility, not just across government agencies but across the private sector and even the average American.”

Mr. Wray’s comments—among his first publicly since two recent ransomware attacks gripped the US meat and oil-and-gas industries – emphasized that each of the 100 different malicious software variants is responsible for multiple ransomware attacks in the US.

The White House warned corporate executives and business leaders on Thursday to step up security measures to protect against ransomware attacks after intrusions disrupted operations at a major meatpacking company and the largest US fuel pipeline.

There has been a significant hike in the frequency and size of ransomware attacks, Anne Neuberger, cybersecurity adviser at the National Security Council, said in a letter.

“The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public,” she added.

President Joe Biden believes ransomware attacks are a “rising national security concern,” the White House said Friday.

What is Ransomware?

Ransomware is a type of malicious computer code that locks up a victim’s network files that hackers use to demand a ransom payment for their release, typically with digital currency such as bitcoin. One individual can inadvertently release the malware into the system by clicking on a spoof or phishing email that looks authentic but is sent by an imposter.

Hospitals the Latest Victims in Ransomware Attacks

UF Health Hospitals in Central Florida, serving the largest retirement community in the country, shut down their entire IT system after discovering hackers. They have no email access between hospitals in the medical network and have resorted to paper records.

The medical network discovered the attack on Memorial Day, impacting two of its hospitals. Long holiday weekends are attractive to hackers who assume greater vulnerabilities at that time. UF Health Hospitals does not believe hackers stole any patient or personnel records.

“We immediately proceeded in a manner to protect our systems, including patient information, while also ensuring that we could continue providing great patient care — that was our first priority,” UF Health said in a statement.

Solutions

No company in the US is invincible. One compromised or stolen password from one person is all it takes for cybercriminals to access the network.

Backups of critical data are crucial, preferably outside of the company’s network.

If you are ever in doubt, take the time to double-check before clicking on a link or attachment in an email or text message. You can verify the sender by using multi-factor authentication. One phone call to the alleged sender or one security code sent to you by email or text can change the course of a cyber event.

Haste makes waste is an understatement in the internet-connected world. Indeed, we have a shared responsibility to be aware, vigilant, and act accordingly, now more than ever.

Featured image (top): by GDJ/9249 on Pixabay.

Dawn Kristy

I am a nationally recognized thought leader and cyber subject matter expert. I advise clients and executives on how to bridge the gap between IT, business, and communications strategy with difficult cyber, privacy, or emerging risks, I collaborate with experts and clients on risk management, data management, and compliance in various industry verticals, including financial services, healthcare, manufacturing, construction, logistics, law, and federal government contracting.

Leave a Reply