In a joint statement issued by the FBI and Department of Health and Human Services, in association with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), all companies serving in the healthcare sector are being warned that they could be attacked by malware amid the rise of a new wave of COVID 19 infections.
The joint alert says that a European-based hacking gang dubbed as UNC1878 was on the prowl of spreading malware to healthcare companies and if the situation deteriorates; firms operating in the health care sector are at risk of shutting down amid the Corona crisis.
Cybersecurity firm FireEye discovered the activities of UNC1878 on Wednesday last week and shared the information with the three federal agencies during the weekend. After this, the Fed decided to issue a warning to healthcare providers to ensure that they take all necessary precautions to protect their networks from existing cyber threats.
FireEye research says that the hackers from the said European Group have already targeted many retirement communities, medical centers, and hospitals so far showing clear disregard towards the value of human lives.
“This is one of the most brazen heartless and disruptive threat acts I have observed in my career”, said Charles Carmakal, the Senior Vice President and CTO of Fire Eye’s Mandiant Threat Intelligence.
Mr. Charles added that UNC1878 is known to spread RYUK Ransomware having the potential to first steal data and then lock down the database from access.
Note- There are no free tools to decrypt RYUK ransomware and so expertise is needed to break the encryption distributed by the malware.