Cyber Criminals Targeting Hospitals with Ransomware Attacks


The FBI sees ransomware as a significant risk facing businesses in the United States and recently warned healthcare entities against an increased threat.  In their Joint Cyber Security Advisory issued a couple weeks ago, they alert the healthcare sector that malicious actors are using TrickBot and BazarLoader malware to attack their systems.  It appears the cyber criminals are aggressively targeting hospitals with ransomware attacks.  Given the COVID-19 related challenges facing healthcare systems and hospitals right now, this is the last thing they need.

Related: Ransomware, COVID-19, and Double Extortion

The FBI’s advisory makes recommendations relating to your networks, ransomware, and user awareness.  By implementing these recommendations, you can make it more difficult for the cyber criminals targeting hospitals with ransomware attacks.  Some of our favorite recommendations from the FBI report are:

  • Use multi-factor authentication anywhere it is possible
  • Regularly back up data, air gap, and password protect backup copies offline
  • Focus on awareness and training.  Because end users are targeted, make employees and stakeholders aware of the threats—such as ransomware and phishing scams—and how they are delivered. 


Related from the AP: FBI Warns Ransomware Assault Threatens US Healthcare System

How Cyber Insurance Can Protect You Against Ransomware Attacks

While we hope you can use some of the recommendations above to avoid your systems being taken ransom, if you can’t it’s important you minimize the financial impact on your business.  Cyber liability insurance can help protect you against a ransomware attack.  If you decide to pay the ransom, the policy should provide coverage for that.  The policy should also help with related costs like business interruption, computer forensics, data restoration, and other cyber incident costs.

GREAT ARTICLE – Our friends at Evolve recently posted a great article on insurance rates hardening as a result of ransomware.