JAKARTA - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the United States (US) Department of Finance warned of a ransomware attack sponsored by North Korea targeting health sector organizations across the US.
On the CISA website, they observed North Korea's sponsored hack to spread Maui ransomware at least since May 2021.
The way Maui's ransomware works is by encrypting the servers responsible for healthcare services, including electronic health records, medical imaging, and all intranets.
In some cases, this incident disrupted services provided by targeted US health sector organizations for a long time.
The Ransomware attack on health services is an interesting development, given that the focus of these actors has been on this sector since the emergence of COVID-19. It is not uncommon for an actor to monetize access that may initially have been collected as part of a cyber espionage campaign", said John Hultquist, vice president of Mandiant Intelligence, quoted by TechCrunch.
SEE ALSO:
According to the FBI, CISA, and the Treasury Department, the North Korean-sponsored actors are likely to think the healthcare organization is willing to pay the ransom as the organization provides a very important service for human life and health.
The FBI, CISA, and the Treasury Department strongly do not recommend paying the ransom because it does not guarantee that files and records will be recovered and could pose a risk.
However, the FBI understands that the victim is in such a position and is unable to resist and then decides to pay the ransom. The FBI suggested that ransomware victims would report the incident to the local FBI or CISA field office.
By doing so, the US Government will get the important information needed to prevent future attacks by identifying and tracking ransomware perpetrators and holding them accountable under US law.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)