Why North Korea Ransomware Attacks Target U.S. Health Care Providers
The U.S Department of Justice (DOJ) announced this week that around $500,000 in Bitcoin
The attacks caused extensive disruption to IT systems and medical services and put patient safety at risk. The new ransomware variant was discovered during an investigation of a ransomware attack on a hospital in Kansas in May 2021. The Kansas provider had alerted the FBI when the ransomware occurred. As a result, the FBI was able to observe a $120,000 bitcoin payment into one of the seized accounts that was separately being paid by the health care provider in Colorado.
The attack was traced to a North Korean hacking group that is suspected of receiving backing from the DPRK. The Kansas hospital had its servers encrypted, preventing access to essential IT systems for more than a week. The hospital paid a ransom of $100,000 for the keys to decrypt files and regain access to its servers and promptly.
“Thanks to rapid reporting and cooperation from a victim, the FBI and Justice Department prosecutors have disrupted the activities of a North Korean state-sponsored group deploying…