U.S. sanctions cyber gang targeting hospitals

Sep 07, 2023 - 03:01 PM
cybersecurity-hand-lock-graphic_900x400

The U.S. Treasury Department, in coordination with the United Kingdom, Sept. 7 sanctioned 11 individuals who are part of the Russia-based Trickbot cybercrime group, whose targets have included hospitals and other critical infrastructure organizations. The Department of Justice also unsealed indictments against nine individuals in connection with Trickbot malware and Conti ransomware, including seven of the sanctioned individuals. According to the agencies, the Trickbot group in 2020 launched a wave of ransomware disruptions against U.S. hospitals and health care facilities, in one case deploying ransomware that disrupted computer networks and telephones at three Minnesota facilities and caused them to divert ambulances.  
 
“The United States is resolute in our efforts to combat ransomware and respond to disruptions of our critical infrastructure,” said Under Secretary of the Treasury Brian Nelson. “In close coordination with our British partners, the United States will continue to leverage our collective tools and authorities to target these malicious cyber activities.”
 
John Riggi, AHA’s national director for cybersecurity and risk, said, “We are highly encouraged to see the combined forces and offensive cyber capabilities of the U.S. and U.K. governments being leveraged to target these Russian state-supported ransomware gangs. It has become clear that we cannot rely solely on defense measures to mitigate the threat of ransomware. Disruption of the ransomware perpetrators and their finances on an ongoing basis is essential to mitigate the threat of ‘cyber terrorism.’ When hospitals are attacked, lives are threatened.” 
 
For more information on this and other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
AHA blog: How to prepare for third-party cyber risk 
In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, explains why cybercriminals are shifting from directly…
Headline
CISA guidance informs users on software products which should be secure by design and demand 
The Cybersecurity and Infrastructure Security Agency and FBI Aug. 8 released guidance on secure by design software products which includes resources to assess…
Perspective
Keeping Up Our Guard and Fighting Back Against Cybercrime
It seems like barely a week goes by without a new cyberattack that affects health care providers. Often, it’s a ransomware attack conducted by foreign criminal…
Headline
Agencies issue update on BlackSuit ransomware group
The Cybersecurity and Infrastructure Security Agency and FBI today issued an updated advisory on the BlackSuit ransomware group, providing information on…
Headline
AHA podcast: The FBI’s Global Fight Against Cybercrime 
Cybercriminals are ramping up attacks on health care systems throughout the United States, with a majority of these crimes originating from international,…
AHA Cyber Intel
Third-Party Cyber Risk Impacts the Health Care Sector the Most. Here’s How to Prepare.
We all know by now that cyber risk is not just an "IT issue," but rather it is an enterprise risk issue. Cyberattacks represent a potential risk to every…