CISA warns of disruptive ransomware attacks on US hospitals

CISA warns of disruptive ransomware attacks on US hospitals


Healthcare providers across the US are warned about massive new ransomware attacks that could impact their ability to treat COVID-19 patients.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert after healthcare providers after multiple hospitals suffered ransomware attacks from an Eastern European cybercriminal gang known as Wizard Spider.

Wizard Spider targeted a total of six hospitals within a single day. The hospitals are located in Oregon, California, and New York. Resultantly, most of the patients had to be shifted to other facilities.

See: Ransomware attack on hospital causes patient’s death

The attacks are referred to as the most disruptive cyber-attacks the healthcare sector received during the COVID-19 pandemic.

As per the notice, Wizard Spider has launched a massive new ransomware campaign that could affect their ability to treat coronavirus patients.

The alert was jointly issued by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Health and Human Services (HHS). It is worth noting that HHS was also under attack in March 2020 which the service claimed was carried out to halt Coronavirus response in the country.

The agencies claim that the attackers are using Ryuk ransomware variant and TrickBot malware for targeting the healthcare sector. Ryuk ransomware was first discovered in 2018. Cybercriminals often use it for deploying off-the-shelf tools, including PowerShell Empire and