

Here’s a short thread on what ransomware is, and how such an attack could impact #COVID19 response efforts
/1 https://twitter.com/briankrebs/status/1321550140474331136
Gross simplification: ransomware refers to a piece of software installed by hackers looking to extort the owner of the IT system. The software itself can be made to:
”lock” computer systems, making them unusable
delete mission critical data
extract sensitive data
/2



/2
This particular ransomware attack has been traced back to Russia, per @briankrebs
https://krebsonsecurity.com/2020/10/fbi-dhs-hhs-warn-of-imminent-credible-ransomware-threat-against-u-s-hospitals/
/3
https://krebsonsecurity.com/2020/10/fbi-dhs-hhs-warn-of-imminent-credible-ransomware-threat-against-u-s-hospitals/
/3
Ransomware attacks aren’t new, especially not to US hospitals. @ahahospitals has a well-written article on he topic:
https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed
/4
https://www.aha.org/center/cybersecurity-and-risk-advisory-services/ransomware-attacks-hospitals-have-changed
/4
To my knowledge, this is the first time the FBI, DHS, and HHS have issued a joint “imminent threat” warning.
This comes just days after another ransomware attack knocked out computer access in 400 hospitals:
https://www.wired.com/story/universal-health-services-ransomware-attack/
/5
This comes just days after another ransomware attack knocked out computer access in 400 hospitals:
https://www.wired.com/story/universal-health-services-ransomware-attack/
/5
Depending on the nature and scope of the attack, we could be dealing with a situation where affected hospitals are unable to report #COVID19:
test results
hospitalizations
deaths
PPE supplies
and more
/6





/6
This would seriously undermine our ability to:
quickly identify hospitals in need of supplies and staffing
arrange hospital-to-hospital transfers
direct PPE resources to where they are most needed
/7



/7
Again, depending on the nature and scope of the attack:
personal health information may be stolen and disclosed
electronic medical records may be deleted, and would need to be restored from backups
/8


/8
All of that to say, this is a *HUUUUGE* national security issue.
We are under attack.
All hospitals have “downtime” protocols that would serve as a stopgap for a few hours, but they’re not designed to be a full replacement.
This is a major, major problem.
/end
We are under attack.
All hospitals have “downtime” protocols that would serve as a stopgap for a few hours, but they’re not designed to be a full replacement.
This is a major, major problem.
/end
For a deeper dive, please see: https://twitter.com/markhertling/status/1321632409457250305