\n<\/p>\n
Hundreds of cyberattacks have been reported against healthcare systems, but federal authorities say a \u201c21st century cyber stakeout\u201d thwarted a notorious group targeting hospitals and other critical infrastructure.<\/p>\n
The U.S. Justice Department<\/a> announced Thursday that the FBI managed to break into the networks of Hive, a ransomware group that has threatened health systems, financial companies, and schools around the world.<\/p>\n The FBI managed to penetrate Hive\u2019s systems, recover decryption keys and offered those tools to victims. The FBI\u2019s success prevented victims from having to pay $130 million in ransom payments. <\/p>\n John Riggi, the American Hospital Association\u2019s national advisor for cybersecurity and risk, hailed the FBI\u2019s success in disrupting the HIVE group. Scores of hospitals have been hit by ransomware attacks<\/a>.<\/p>\n \u201cThe disruption and dismantlement of the Hive ransomware by the FBI, the U.S. Department of Justice and international partners is welcome news and will help make hospitals safer against high-impact ransomware attacks, which have disrupted health care delivery and jeopardized patient safety,\u201d Riggi said in a statement.<\/p>\n The federal government reported hundreds of breaches of private health information in 2022, affecting millions of Americans.<\/p>\n In a survey of healthcare IT professionals released earlier this month, nearly half said their organizations experienced a ransomware attack in the past two years<\/a>. Among those who said they had been hit with a ransomware attack, 45% said the attacks led to patient complications, according to the survey by the Ponemon Institute.<\/p>\n The Justice Department said the FBI distributed over 1,000 additional decryption keys to previous Hive victims. And the department said it coordinated with law enforcement agencies in Germany and the Netherlands to hamper Hive\u2019s ability to communicate with its members by seizing servers and websites Hive has used.<\/p>\n Deputy Attorney General Lisa O. Monaco said in a statement that the success of federal authorities should send a reassuring message to victims and a warning to other cybercriminals.<\/p>\n \u201cIn a 21st century cyber stakeout, our investigative team turned the tables on Hive, swiping their decryption keys, passing them to victims, and ultimately averting more than $130 million dollars in ransomware payments,\u201d Monaco said. \u201cWe will continue to strike back against cybercrime using any means possible and place victims at the center of our efforts to mitigate the cyber threat.\u201d<\/p>\n The Hive group has been all too successful. Since June 2021, the Hive group has targeted more than 1,500 victims around the world and received more than $100 million in ransom payments.<\/p>\n \u201cCybercrime is a constantly evolving threat,” Attorney General Merrick Garland said in a statement. “But as I have said before, the Justice Department will spare no resource to identify and bring to justice, anyone, anywhere, who targets the United States with a ransomware attack.<\/p>\n The Department of Health and Human Resources sent an advisory<\/a> in April 2022 warning hospitals and healthcare providers about the Hive group. <\/p>\n Hive \u201chas been very aggressive in targeting the US health sector,\u201d the HHS Cybersecurity Program advisory said.<\/p>\n Ransomware gangs have demanded payments to restore systems, or have threatened to release private health information from patients unless they are paid, experts say.<\/p>\n Hospitals have been hampered by ransomware payments all too frequently, said Lee Kim, the senior principal, cybersecurity and privacy at the Healthcare Information and Management Systems Society (HIMSS).<\/p>\n \u201cThe threat of ransomware hasn’t gone away,\u201d Kim told Chief Healthcare Executive <\/em>in a December interview<\/a>.<\/p>\n \u201cCertainly the extortion techniques that are used to try to force hospital systems to pay ransom, that\u2019s certainly in vogue at the current time,” she said. “I think as we look at the past incidents in this past year, obviously, ransomware is among them.\u201d<\/p>\n Health systems are making progress in defending against cyberattacks, but too many are vulnerable, Kim said.<\/p>\n \u201cWe do see some organizations that essentially are probably applying a wait-and-see approach because they haven’t been breached yet,\u201d Kim said.<\/p>\n (See excerpts of our December interview with Lee Kim of HIMSS on cybersecurity in healthcare.)<\/em><\/p>\n<\/div>\n