Tag Archive for: NationState

UnitedHealth blames ‘nation-state’ in hack disrupting pharmacy orders


A cyberattack against a division of UnitedHealth Group Inc. has caused a nationwide outage of a computer network that’s used to transmit data between healthcare providers and insurance companies, rendering some pharmacies unable to process prescriptions, according to the company and reports from affected organizations.

UnitedHealth found a “suspected nation-state associated cyber security threat actor” had access to subsidiary Change Healthcare’s systems Wednesday, prompting the company to disconnect them from other parties, the company said in a filing Thursday with the Securities and Exchange Commission.

UnitedHealth, the country’s largest health insurer, said in a statement Thursday that the cyberattack and related “network interruption” affected only Change Healthcare and that all its other systems are operational. Change Healthcare is a key intermediary in the $1.5-trillion U.S. health insurance market.

UnitedHealth is working with law enforcement and security experts but can’t say when the service will be restored, according to the filing. The company hasn’t determined that the attack is likely to affect its financial results, it said.

“Change Healthcare is experiencing a cybersecurity issue, and our experts are working to address the matter,” the Minnetonka, Minn.-based company said earlier in a statement on its website. “Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact.”

The incident is the latest in a series of attacks where hackers have compromised providers of back-end IT software and services — companies that are often little-known outside of their industries yet play critical roles in the normal functioning of such diverse entities as financial markets and government services — and triggered cascading disruptions across their customer bases.

Last month, for example, a ransomware attack against Tietoevry Oyj, a Finnish information technology company, crippled payroll and other services for government agencies and hospitals, retailers, cinemas and other customers throughout Sweden.

Three days later, a ransomware…

Source…

Change Healthcare hack by ‘nation-state’ disrupts pharmacies, patients


A cyberattack blamed on a “nation-state” is wreaking havoc with prescriptions on Long Island and nationwide, leading to some insurance authorizations not going through and some customers being told to wait for refills until the problem is resolved.

Pharmacies that rely exclusively on Change Healthcare to process insurance claims are reeling, said Heather Ferrarese, board chair of the Pharmacists Society of the State of New York.

“For some pharmacies, it’s been completely devastating to their business the past few days,” said Ferrarese, co-owner of Bartle’s Pharmacy in upstate Oxford.

Change, a subsidiary of the giant Minnesota-based UnitedHealth Group, first publicized the problem early Wednesday morning, and since Thursday has been periodically posting messages through fellow UnitedHealth subsidiary Optum that described a “cyber security issue” that “our experts are working to address.”

UnitedHealth said in a filing Thursday with the Securities and Exchange Commission that it “cannot estimate the duration or extent of the disruption at this time.”

Optum, with which Change merged in 2022, declined Friday to comment on a timeline.

It’s unclear how many prescriptions are impacted by the outage.

At New Island Pharmacy in Deer Park, about 10% to 20% of customers are affected by the breach, said owner and pharmacist Nidhin Mohan.

Mohan said his pharmacy has two servers that connect insurance companies with his computer system, and with the Change server down, he is using one run by competitor RelayHealth. The problems are with customers whose insurance companies or plans don’t work with Relay, he said.

When he cannot connect with the insurance companies of long-term customers, Mohan asks the customer to wait until the problem is resolved. But for those who can’t wait, he accepts the patient’s copay, which he determines from previous transactions. After Change’s systems are back online, he will seek reimbursement for the rest of the drug cost from insurance companies.

“I’m hoping that once everything is settled, I can run it through and get my money back,” he said.

“If you are using a private pharmacy, if you’re using a small mom-and-pop, this works, but if…

Source…

UnitedHealth Blamed ‘Nation-State’ Threat in Hack That Disrupted Pharmacy Orders


(Bloomberg) — A cyberattack against a division of UnitedHealth Group Inc. has caused a nationwide outage of a computer network that’s used to transmit data between health-care providers and insurance companies, rendering some pharmacies unable to process prescriptions, according to the company and reports from affected organizations.

Most Read from Bloomberg

UnitedHealth found a “suspected nation-state associated cyber security threat actor” had access to subsidiary Change Healthcare’s systems on Feb. 21, prompting the company to disconnect them from other parties, the company said in a filing Thursday.

UnitedHealth, the country’s largest health insurer, said in a statement Thursday that the cyberattack and related “network interruption” only impacted Change Healthcare and that all its other systems are operational. Change Healthcare is a key intermediary in the $1.5 trillion US health insurance market.

UnitedHealth is working with law enforcement and security experts but can’t say when the service will be restored, according to the filing. The company hasn’t determined that the attack is likely to affect its financial results, it said.

“Change Healthcare is experiencing a cybersecurity issue, and our experts are working to address the matter,” the Minnetonka, Minnesota-based company said earlier in a statement on its website. “Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect our systems to prevent further impact.”

The incident is the latest in a series of attacks where hackers have compromised providers of back-end IT software and services — companies that are often little-known outside of their industries yet play critical roles in the normal functioning of everything from financial markets to government services — and triggered cascading disruptions across their customer bases.

Last month, for example, a ransomware attack against Tietoevry Oyj, a Finnish information technology company, crippled payroll and other services for government agencies and hospitals, retailers, cinemas and other customers throughout Sweden. Three days later, a ransomware…

Source…

AI aids nation-state hackers but also helps US spies to find them, says NSA cyber director


Nation state-backed hackers and criminals are using generative AI in their cyberattacks, but U.S. intelligence is also using artificial intelligence technologies to find malicious activity, according to a senior U.S. National Security Agency official.

“We already see criminal and nation state elements utilizing AI. They’re all subscribed to the big name companies that you would expect — all the generative AI models out there,” said NSA director of cybersecurity Rob Joyce, speaking at a conference at Fordham University in New York on Tuesday. “We’re seeing intelligence operators [and] criminals on those platforms,” said Joyce.

“On the flip side, though, AI, machine learning [and] deep learning is absolutely making us better at finding malicious activity,” he said.

Joyce, who oversees the NSA’s cybersecurity directorate tasked with preventing and eradicating threats targeting U.S. critical infrastructure and defense systems, did not speak to specific cyberattacks involving the use of AI or attribute particular activity to a state or government. But Joyce said that recent efforts by China-backed hackers to target U.S. critical infrastructure — thought to be in preparation for an anticipated Chinese invasion of Taiwan — was an example of how AI technologies are surfacing malicious activity, giving U.S. intelligence an upper hand.

“They’re in places like electric, transportation pipelines and courts, trying to hack in so that they can cause societal disruption and panic at the time in place of their choosing,” said Joyce.

Joyce said that China state-backed hackers are not using traditional malware that could be detected, but rather exploiting vulnerabilities and implementation flaws that allow the hackers to gain a foothold on a network and appear as though they are authorized to be there.

“Machine learning, AI and big data helps us surface those activities [and] brings them to the fore because those accounts don’t behave like the normal business operators on their critical infrastructure, so that gives us an advantage,” Joyce said.

Joyce’s comments come at a time where generative AI tools are capable of producing convincing computer-generated text and imagery and are increasingly used…

Source…