The US Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services warned last week of an imminent hacking threat directed at hospitals that could disrupt healthcare services, according to CBS News.
"We are experiencing the most significant cyber security threat we've ever seen in the United States," Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, tells CBS in a statement.
The alert in particular warned of ransomware attacks using Ryuk and the Trickbot platform. According to the Verge's Recode, Ryuk has cost cities and companies tens of millions of dollars in ransom since it emerged in mid-2018. It adds that Ryuk is thought to be behind the attack on United Health Services that forced the company to take down systems at all 250 of its US facilities.
CBS News says that the threat has been tied to a Russian-speaking group of cybercriminals, but notes there are no proven links between the criminal group and the Russian government.
The federal agencies in their alert advise against paying ransom, as they say payment does not guarantee the return of the locked files and may further embolden hackers. They recommend best practices including patching operating systems, software, and firmware promptly as well as regularly backing up data, storing physical copies of sensitive data at a separate physical location, and making sure employees and others are aware of the threat.