Over the last week, Russian cybercriminals have launched malware attacks against hospital systems in Vermont, New York, and Oregon, and the federal government is warning all U.S. medical facilities to be prepared for a strike.
During an attack, computers are infected by ransomware, which locks up systems; in order to get control back, the victim must pay a ransom. Hospitals that are affected can no longer use electronic records and have to write everything down on paper, which disrupts patient care and is especially alarming due to the high number of COVID-19 hospitalizations.
"Most threat actors, they're explicitly not looking to hit hospitals," Charles Carmakal, chief technology officer at the cybersecurity firm Mandiant, told The Wall Street Journal. "This group in particular has explicitly stated that they're going to hit hospitals and they've proven it." Mandiant and other analysts believe an Eastern European criminal hacking collective is behind the recent activity, the Journal reports, and Carmakal called it "the most significant cyber threat that I've seen in the United States in my career."
On Tuesday, the Sky Lakes Medical Center in Klamath Falls, Oregon, was hit by a ransomware attack, hospital spokesman Tom Hottman told the Journal. In an attempt to stop the malware from spreading, the hospital took its medical and back-office information systems offline. Some surgical procedures have had to be postponed because of the attack, Hottman said, and cancer care like radiation oncology is also unavailable. "We're open for business, it's just not business as usual," he added.