A Russia-based ransomware group responsible for a new wave of attacks against U.S. hospitals is laying the groundwork to cripple at least ten more, according to the cyber-security firm Prevailion Inc.

Prevailion’s analysis comes a day after the FBI and two other federal agencies issued a warning about an imminent and credible threat to hospitals and health-care providers from cyber attacks, including ransomware capable of locking entire computer networks.

The hacking group responsible — known among some experts as UNC1878 and others as Wizard Spider — has already hit at least nine hospitals in three weeks, crippling critical computer systems and demanding multimillion-dollar ransoms.

The health-care attacks have been ongoing since at least September, according to the cyber-security firm Crowdstrike. The victims included Sky Lakes Medical Center in Klamath Falls, Oregon, where doctors are struggling to keep track of patient medications and other critical information on paper rather than the digital systems they normally use.

“The increased workload is astronomical for all hospital employees and will inevitably have an impact on patient care,” said one of the hospital’s doctors, who wasn’t authorized to speak to the press and asked not to be named.

The timing of the latest wave of attacks – coming as the U.S. nears 9 million coronavirus infections and hospitalizations surge – has unsettled security experts used to the ruthlessness of global cyber gangs.

“Certainly no cyber crime is good, but this really is despicable and evil,” said Karim Hijazi, Prevailion’s chief executive.

Over the last 24-hours, Prevailion has gained access to the communications that the Russian hackers are using to control computers inside U.S. hospitals, as well as other victims worldwide. That data shows that the hackers have infiltrated at least 440 organizations globally, including government agencies, pharmaceutical companies and universities, Hijazi said.

But it’s the targeting of medical care facilities that is most worrying. The infected organizations include hospitals in New Jersey, Georgia, Florida, Massachusetts, Texas and Arkansas, according to data provided by…