South Florida hospitals on alert after warning of cyber attacks that target finances

MIAMI, Fla. – Several federal agencies are warning that U.S. hospitals and healthcare systems are under an increased cyber security threat. The agencies said they have “credible information” that cybercriminals are taking new aim at healthcare providers and public health agencies as the coronavirus pandemic reaches new heights.

South Florida representatives of area hospital-care systems said although they haven’t been made aware that they are specific targets of cyber attacks, they are being vigilant.

Connie Barrera is chief information security officer at Jackson Health System. “They need to be right one time and it’s over, game over,” she said about the hackers. Jackson Health System has not been affected by the attacks.

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS), issued the warnings that computer attacks are specifically targeting health-care systems.

The federal agencies issued an advisory that described tactics, techniques, and procedures used by cybercriminals against targets in the healthcare and public health dector to infect systems with Ryuk ransomware for financial gain, according to its report. Malware called Trickbot can launch the attacks, steal data, and disrupt healthcare services.

“What ransomware does, in essence, is it leaves your systems completely inoperable,” Barrera said.

The attacks, which have reportedly already affected some hospitals nationwide, couldn’t come at a worse time since so many are focused on caring for patients with COVID-19.

The University of Miami sent out a warning about the cyber threat advising university system users to be on alert. They emphasized that the threat did not specifically mention UM’s health system, but warned all UM users that anyone on the network could be a source of entry to the entire system

In its alert, UM reminded people to take common-sense precautions.

• Do not not open documents or attachments from an unknown source.
• Do not click on any links that are sent to you from an unknown source.

“It works because it finds the weakest link,” Barrera said. “Many times that’s a user willing to click on something,” she said.

At Jackson Health System, the hospital does large-scale testing of their continuity — or back up plans — in the event of an attack. “No doubt, we need to have backups of the backups and test them,” according to Barrera. Health care systems spend millions of dollars on technology to prevent these types of attacks.

“It’s not going to end. We just need to get better at the game of defeating them,” Barerra said.

Key findings from the report are:

• CISA, FBI, and HHS assess malicious cyber actors are targeting the HPH Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.
• These issues will be particularly challenging for organizations within the COVID-19 pandemic; therefore, administrators will need to balance this risk when determining their cybersecurity investments.

(See the complete report here: Issued October 28, 2020: Ransomware activity targeting healthcare and public health sector.)