BETHLEHEM, Pa. — Recent ransomware attacks against healthcare providers have once again highlighted the need for careful health care provider security measures.
Just last month, the BlackCat hacker group orchestrated a cyberattack against Change Healthcare, a subsidiary of UnitedHealth Group.
The BlackCat group, also known as ALPHV or Noberus, demanded $22 million from major healthcare companies after attacks rendered payment and prescription services nearly impossible, according to the U.S. Department of Justice.
UnitedHealth Group's webpage dedicated to “cyber response” shows half of the recovery efforts are complete, with two more in progress as of the week of March 15th and March 18th. has been done.
Ongoing work includes restoring provider electronic payments and reconnecting/testing billing systems.
In a December 2023 release on the ransomware disruption campaign, the Department of Justice called the BlackCat group “the second most prolific ransomware-as-a-service variant in the world,” with more than 1,000 victims. He pointed out that he was being targeted by computer networks.
Following the February 21st attack, the FBI and HSS sent out an advisory days later, noting that BlackCat affiliates were “primarily targeting the medical sector” and urging security experts to “prevent them from malicious activity.” “Protect and Detect.”
“In most places it's not a matter of life and death, but in a hospital it's life and death. So there's a need to protect people in a hospital environment.”
Kermit Burley, Information Technology Program Coordinator, Penn State Lehigh Valley
Last year, the same group allegedly linked to Russia attacked Lehigh Valley Physicians Group.
BlackCat hackers then posted patient information and nude photos on the dark web of cancer patients undergoing radiation oncology treatment at LVPG Delta Medics in Lackawanna County.
Federal agencies such as the Cybersecurity and Infrastructure Security Agency advise against paying ransoms in response to cyberattacks. But for health care providers, that's not necessarily an option, said Kermit Burley, a lecturer at Penn State Lehigh Valley.
“In most places, life and death don't exist, but in a hospital, there is life and death,” Burley said. “So we need to protect people in hospital settings.”
The question of life and death is likely to be the vulnerabilities that hackers target when choosing their targets, he said.
Burley, the information technology program coordinator, said he believes everyone needs to remain vigilant because ransomware attacks can happen to anyone.
“Anytime you think you can't break through, that's vulnerability,” Burley says. “Complacency is the enemy, not just in hospitals, but in everyone.”
