The Ascension Hospital cyber attack continues to head much of this week’s news, particularly as it follows on both the Heritage healthcare cyber attack and the City of Wichita getting hit by LockBit this week. CNN is reporting that the BlackBasta ransomware group is behind the attack. This latest cyberattack has had significant effects in terms of patient care:
The cyberattack on Ascension, a St. Louis-based nonprofit network that includes 140 hospitals in 19 states, is also disrupting access to electronic health records, some phone systems and “various systems utilized to order certain tests, procedures and medications,” Ascension said in a statement distributed Thursday evening.
The sprawling health care network, which also owns 40 senior living facilities, said that it would be using “downtime procedure for some time,” because of the cyberattack. Downtime procedures are typically when health providers revert to backup processes, including paper records, that allow them to care for patients when computers are down.
Steve Hahn, Executive VP, BullWall:
“So we’re just getting word that Black Basta is behind this attack at Ascension Healthcare and this in the same week that the LockBit ransomware group claimed the attack on the city of Wichita, taking down their network and demanding a ransom. This marks a worrying trend. Russian ransomware groups, such as BlackBasta, LockBit and Blackcat (AlphV), are intensifying their focus on U.S. healthcare. These actions follow the FBI’s operation against Blackcat’s infrastructure, with both groups vowing increased attacks on this sector. These organizations, deeply embedded in Russia, likely amassed close to a billion dollars in ransom in 2023 alone. Their connections with former KGB leaders, including Putin, suggest a geopolitical strategy to target sectors that Putin aims to destabilize.
“The financial toll of these attacks is staggering. United Healthcare’s $22 million payment to decrypt data is minor compared to the broader economic impact, likely exceeding $5 billion. Hospitals like Lehigh Valley Health Network have faced both data encryption and extortion, with potential legal fallout from the threatened release of sensitive patient photos.
“Healthcare systems, with their myriad of IoT devices, widespread provider networks, and vast attack surfaces, are particularly vulnerable. The recent suspension of operations in Northeast hospitals due to cyberattacks underlines the sector’s susceptibility and the potentially fatal consequences of such disruptions.
“For healthcare, preparation is not optional but essential. They must develop robust backup, recovery, and rapid ransomware containment strategies to mitigate these risks and minimize the impact of these inevitable attacks.”
As usual when healthcare organizations get pwned, I get to say that this sector is a soft target for hackers. This needs to stop because at some point someone is going to die because they can’t get the care that they need because of a cyberattack like this one. And the only way that this stops is through making sure healthcare organizations can make the required investments that allows them to be less of a target.
A Follow Up About My Recent Posts About Bell Being Used In Telephone #Scams
Posted in Commentary with tags Bell on May 11, 2024 by itnerdRecently, I’ve written about two instances where I’ve come across a threat actor or actors using Bell Canada’s name in an attempt to scam people. If you want to read about those scams, click here and here for details.
I wanted to make sure that my readers have every opportunity to protect themselves. So I went to Bell directly to ask for commentary as well as tips that would allow you to protect yourself from scams like these. A Bell representative sent me this which I have reprinted verbatim:
This style of fraudulent activity is what is called social engineering, where fraudsters exploit emotions to achieve various objectives. These include accessing sensitive information like passwords, credit card or SIN details, gaining control over computers or devices, or directly acquiring funds from unsuspecting victims.
We want our customers to know that Bell will never contact you to ask for personal information unless we are responding to an inquiry made by the customer. We strongly advise our customers to beware of these fraudulent tactics, trust their instincts, and if they are uncertain about a caller’s identity, hang up and contact our team directly. We take such matters seriously and investigate each matter brought to our attention. If you suspect you have encountered someone fraudulently posing as a Bell representative please email fraud.fraude@bell.ca. For more information on how to protect yourself from telecom fraud, please visit bell.ca/security.
This is very good advice as a whole. And I want to highlight this part specifically:
We strongly advise our customers to beware of these fraudulent tactics, trust their instincts, and if they are uncertain about a caller’s identity, hang up and contact our team directly.
Because I come to the rescue of people who come in contact with scammers on a regular basis, I can say that trusting your instincts is one of the best things that you can do to protect you from being a victim of a scam. If you get the sense that something is wrong, go with it because you’re likely right. And trusting your instincts can save you from a very bad situation. On top of that, if you get a call from someone claiming to be from Bell, and what you hear doesn’t sound right, hang up and call Bell directly at 310-Bell. Finally, this advice doesn’t just apply to Bell, but to any situation that you might find yourself in where you get contacted out of the blue by someone claiming to have some great deal for you, or wanting to take some course of action that doesn’t sound right.
I want to thank Bell for responding to my request for a comment on this as this will help a great many people avoid being on the wrong end of a scam.
Leave a comment »