Feds in­dict ran­somware hack­ers of Allscripts, oth­ers

Modern Healthcare - - Technology - By Rachel Z. Arndt

THE U.S. JUS­TICE DE­PART­MENT in­dicted two men who led cy­ber­at­tacks on the com­puter sys­tems of health­care com­pa­nies and oth­ers, re­sult­ing in more than $30 mil­lion in losses.

This was the first U.S. in­dict­ment of in­di­vid­ual peo­ple for ran­somware at­tacks.

Allscripts, Med­star Health and Hol­ly­wood Pres­by­te­rian Med­i­cal Cen­ter were among those in­fected with the ran­somware. Al­to­gether, the at­tacks caused vic­tims to lose more than $30 mil­lion, in ad­di­tion to the ran­som pay­ments.

The men, Fara­marz Shahi Sa­vandi and Mo­ham­mad Me­hdi

Shah Man­souri, both based in Iran, used the SamSam ran­somware for ex­tor­tion, net­ting them more than

$6 mil­lion in ran­som pay­ments. They “de­lib­er­ately en­gaged in an ex­treme form of 21st-cen­tury dig­i­tal black­mail, at­tack­ing and ex­tort­ing vul­ner­a­ble vic­tims like hos­pi­tals and schools, vic­tims they knew would be will­ing an able to pay,” As­sis­tant At­tor­ney Gen­eral Brian Benczkowski said in a state­ment.

Af­ter break­ing into or­ga­ni­za­tions’ net­works, the hack­ers used the ran­somware to seal off ac­cess to the data. They then de­manded pay­ment in bit­coin in ex­change for un­lock­ing the data.

For Allscripts, that meant days of down­time for its Pro­fes­sional EHR, Elec­tronic Pre­scrip­tions for Con­trolled Sub­stances, and other ser­vices, af­fect­ing about 1,500 clients.

“Allscripts and its af­fil­i­ates sup­port and are en­cour­aged by ef­forts to bring per­pe­tra­tors of ran­somware at­tacks to jus­tice,” the com­pany said in a state­ment.

The in­dict­ment re­flects the Jus­tice De­part­ment’s tough stance on cy­ber­crime, ac­cord­ing to Benczkowski. “We want to get the word out that ev­ery sec­tor of our econ­omy is a po­ten­tial tar­get of ma­li­cious cy­ber­ac­tiv­ity,” he added.

Health­care in par­tic­u­lar has drawn the at­ten­tion of hack­ers. For 2018 through the end of Oc­to­ber, there were 306 breaches of health­care or­ga­ni­za­tions re­ported to HHS’ Of­fice for Civil Rights. The ma­jor­ity of those breaches were clas­si­fied as “hack­ing/IT in­ci­dent.”

Be­cause hack­ing is grow­ing more and more wide­spread, com­pa­nies need to “di­ver­sify” their de­fense strate­gies, ac­cord­ing to Sherban Naum, se­nior vice pres­i­dent for cor­po­rate strat­egy and tech­nol­ogy for data-se­cu­rity firm Bromium.

These strate­gies should in­volve sep­a­rat­ing out the most im­por­tant in­for­ma­tion on their net­works so it’s pro­tected

● in case of a wide­spread hack, he said.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.