Foiled hospital hack shows scope of cyber threats

The FBI director’s recent disclosure that the agency thwarted an Iranian-backed cyberattack on Boston Children’s Hospital should serve as a stark warning of what another hostile government might do in retaliation for this country’s support of Ukraine.

Now more than three months into the invasion of that sovereign country, Russia, squeezed by tightening Western sanctions, has probably unleashed its own cyberattack campaign against the U.S. and other NATO countries.

Luckily for Children’s Hospital, the FBI, according to Director Christopher Wray, had been tipped off by an arm of U.S. intelligence about the imminent threat back in August of last year.

Over the next 10 days, according to the Bureau, the FBI’s Boston Division met with representatives from the hospital seven times, “to provide support to Boston Children’s Hospital and address any concern with the (advanced persistent threat) actors’ activity.”

An advanced persistent threat is one that hides in a computer network, sometimes for years, before finally activating and providing access to systems. The term is generally used to describe activity by hackers with connections to a government.

That cyber victory occurred just months after a string of embarrassing hacks into a major gasoline distribution network and a key U.S. information technology firm.

The Colonial Pipeline hacking, perpetrated by the Russian-speaking hacking group DarkSide, left thousands of Americans without gasoline for days. Not long after, an attack perpetrated by Russian cybercriminal group REvil on JBS, the world’s largest meat supplier, shut down multiple processing plants.

But the most serious breach of our national security – that we know of – occurred at SolarWinds, a vital U.S. information technology firm that provides network monitoring software used by Fortune 500 firms and government agencies, including parts of the Pentagon, the Department of Homeland Security, the State Department, the Department of Energy, the National Nuclear Security Administration and the Treasury.

As Reuters first reported in December 2020, SolarWinds sustained a cyberattack that spread to its clients and went undetected…