North Korea is targeting hospitals with ransomware, U.S. agencies warn




  • In World
  • 2022-07-06 20:25:53Z
  • By NBC News
 

The U.S. government said Wednesday that North Korea is behind a recent strain of ransomware cyberattacks on hospitals and other health care facilities.

The warning is the starkest alert to date that North Korea, which the U.S. has long alleged uses its hackers to raise money for state programs like its nuclear weapons development, has turned to locking up essential American services as a new way to generate money for the state.

In its joint warning, the FBI, Treasury Department and Cybersecurity and Infrastructure Security Agency said North Korean government hackers have been using a strain of ransomware called Maui to infect American hospitals since May 2021.

"North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services-including electronic health records services, diagnostics services, imaging services, and intranet services," the agencies said.

Ransomware, in which hackers encrypt a victim's computer networks and demand a key to make them usable again, has become a lucrative criminal enterprise in recent years. Hackers behind it made at least $731 million last year, according to an estimate from cybersecurity company Chainalysis.

U.S. health care facilities are frequent targets of ransomware attacks. There is one known incident in which an American has allegedly died because of a ransomware attack: In 2020, an Alabama mother claimed in a lawsuit that her newborn died because of poor care after her hospital was hacked.

The North Korean mission at the United Nations didn't immediately respond to an emailed request for comment.

Little is public about the victims of North Korea's Maui ransomware. Unlike many ransomware groups, Maui's operators don't host a public website to name-and-shame victims to encourage them to pay.

Allan Liska, a ransomware analyst at the cybersecurity company Recorded Future, said he's learned through confidential industry conversations of "about a dozen" clinics, hospitals and urgent care facilities that have been victims of Maui, but he couldn't name them publicly.

Maui's operators appear to follow the same tactics as most of the major criminal ransomware gangs, Liska said. Those tend to be composed of members across Russia and Eastern Europe. There are some indications of gangs having tacit approval from their country's government.

Major North Korean hacking operations act with direct supervision, said John Hultquist, the vice president of intelligence analysis at the cybersecurity firm Mandiant.

"They're essentially trying to raise money. They're funding the regime. That's their job," Hultquist said.

Western government officials and cybersecurity workers have said North Korea was behind a number of high-profile attacks for large sums of money in recent years. A major North Korean hacking unit took nearly $400 million in cryptocurrency last year, researchers found, and the Treasury Department said North Korean hackers stole $600 million in an attack earlier this year on the game Axie Infinity.

"Unfortunately, ransomware actors have recognized the value of targeting health care, because they pay out," Hultquist said.

"There are plenty of them that lack the ethics that could otherwise stop them," he said. "I ultimately think the North Koreans are unconcerned about any kind of retribution."

COMMENTS

More Related News

Hillicon Valley - US warns against North Korea cyber capabilities
Hillicon Valley - US warns against North Korea cyber capabilities
  • World
  • 2022-08-09 22:44:08Z

U.S. officials warned that North Korea is increasingly using crypto heists to fund nuclear weapons programs. Meanwhile, Facebook's parent company Meta is...

Federal court rules that House committee can access Trump
Federal court rules that House committee can access Trump's tax records

A federal appeals court unanimously ruled that a House committee can access former President Donald Trump's tax records following a yearslong legal battle.

North Korean-sponsored crypto hacks on the rise, experts warn
North Korean-sponsored crypto hacks on the rise, experts warn
  • World
  • 2022-08-09 20:04:39Z

Cybersecurity experts are warning against the rapid growth of cryptocurrency theft led by North Korean state-sponsored hackers following a series of heists...

Congress can get Trump tax records, appeals court rules
Congress can get Trump tax records, appeals court rules

A federal appeals court sided Tuesday with a House committee seeking access to former President Donald Trump's tax returns, rejecting Trump's contention that...

Leonid Slutsky from the Russian State Duma brings "international experts" from North Korea and Nicaragua to Olenivka
Leonid Slutsky from the Russian State Duma brings "international experts" from North Korea and Nicaragua to Olenivka
  • World
  • 2022-08-09 13:50:45Z

UKRAINSKA PRAVDA - TUESDAY, 9 AUGUST 2022, 16:50 Chairman of the State Duma Committee on International Affairs and LDPR [Liberal Democratic Party of Russia] ...

Leave a Comment

Your email address will not be published. Required fields are marked with *

Cancel reply

Comments

Top News: World