
No reprieve for health care orgs as ransomware hits hospital operator, plastic surgeons

by Cyber360 News
May 7, 2020
in Data Breach

If there was any lingering hope that cybercriminals would show mercy on health care providers during the COVID-19 crisis — as some claimed they would do — that pipe dream evaporated with the news that various ransomware groups attacked Fresenius, Europe’s largest private hospital operator, as well as a pair of U.S.-based plastic surgery clinics.

Krebs on Security reported today that Germany-based Fresenius, which also provides dialysis services, drugs and medical devices, has experienced disruptions across its global operations after being hit with the malicious Snake encryptor. Early reports of Snake first emerged in January 2020, as cyber experts took note of the ransomware’s unusual behavior of killing named processes related to ICS solutions and SCADA systems, potentially placing OT environments at risk.

“I can confirm that Fresenius’ IT security has detected a computer virus on company’s computers in a number of areas,” a spokesperson said in an email to SC Media. “As a precautionary measure in accordance with the security protocol drawn up for such cases, steps have been taken to prevent further spread. Nevertheless, our production continues, with certain limitations. Also our patient care continues. Our hospital business, for example, is not affected at all.”

Any disruptions of Fresenius’ dialysis business would be worrisome, security expert Brian Krebs reported on his blog site, because the company owns 40 percent of the market share. Many COVID-19 victims are experiencing kidney failure, placing a strain on demand for dialysis equipment and supplies.

“As expected, the purported ceasefire on health care providers by ransomware operators has proven short-lived. Rather than being rooted in any sort of altruism, the attackers were simply waiting for the optimum time to strike: when Fresenius was under immense strain as it attempted to meet the demands onset by the COVID-19 pandemic. This should act as a lesson to other healthcare providers and industries,” said David Jemmett, CEO and founder at Cerberus Sentinel. “In this climate of increased threat volume, it’s imperative healthcare organizations have a cyber resiliency strategy in place, so they can continue to operate effectively and support and provide diagnoses for their patients.”

“Being mindful of COVID-19 social challenges, some cyber gangs decisively called to abstain from any attacks against medical and healthcare organizations, but unsurprisingly not everyone follows this Robin Hood code of ethics,” added Ilia Kolochenko, founder and CEO of ImmuniWeb.

Plastic surgery — especially the elective variety — is obviously not as vital a medical service during the COVID-19 era. Nevertheless, by reportedly encrypting, exfiltrating and publicly leaking files that apparently belong to two plastic surgery practices, the operators behind Maze ransomware appear to have broken their previously stated commitment to avoid attacking and extorting health care providers during the pandemic. (Kroll, a division of Duff & Phelps, just released a detailed report on the latest TTPs of the Maze group.)

DataBreaches.net reported both of the plastic surgery attacks [1, 2], speculating that perhaps the two incidents were made possible by the compromise of a shared vendor or business associate. In its first report on May 5, the website reported observing data on Maze’s doxing website that apparently relates to the clinical patients of Bellevue, Washington-based plastic surgeon Dr. Kristin Tarber. Leaked data appears to include patients’ sensitive medical histories.

In a second report published today, DataBreaches revealed that the Maze team also struck the Nashville Plastic Surgery Institute, LLC — doing business as Maxwell Aesthetics — on the same day it was reopening after halting operations due to COVID-19. Stolen and doxxed patient information reportedly includes names, birth dates, diagnostic info, type of surgery and health insurance information.

SC Media has reached out to both plastic surgery clinics for comment.

These latest incidents — but particularly the high-profile Fresenius one — demonstrate the critical importance of health care organizations taking preventative steps to ensure patients don’t suffer when an attack occurs.

“With COVID-19 pressing down upon us, we are again reminded of how critically important it is to secure our devices and networks so we can avoid impacting our currently over-strained hospital care environments further,” said Bob Rudis, chief data scientist at Rapid7.

“To help resolve these issues, healthcare organizations should look to mitigate risk via network,” Rudis continued. “To accomplish this, hospitals and medical care environments should consider segmenting their network into three general categories: medical business operations networks (run the hospital network), medical care network (general medical care appliances), and life critical care (ICU, appliances used to sustain life or administer drugs). By following these network segmentation principles, the risk to patients’ health and safety would be greatly reduced, allowing more time to properly validate, update and patch devices.”

Drex DeFord, former CIO at Scripps Health, Seattle Children’s and Steward Healthcare, and current strategic executive for CI Security, told SC Media that COVID-19 “drove many health care orgs to change business/clinical practices almost overnight,” as they began urgently introducing work-from-home protocols, hiring new employees, and installing equipment — some non-standard — into their environments.

These actions only increase the risk of a future ransomware infection. DeFord, therefore, recommends health care organizations “put your Security Operations Center into overdrive. And if you can’t field your own SOC team for 24/7/365 monitoring… find a healthcare-focused SOC vendor-partner quick.” He also advises these companies to maintain best practices and ensure effective communication between security and IT teams and the rest of the business.

“Healthcare orgs are already running on razor-thin margins and burning through days-cash-on-hand; the last thing they need is a cybersecurity incident that amplifies those challenges, and impacts care for patients and families,” said DeFord.
