"Healthcare in the Crosshairs of North Korean Cyber Operations"
Healthcare organizations in the US are top targets for state-sponsored North Korean cyber threat actors attempting to fund espionage activities through ransomware and other cyberattacks. The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the US Department of Health and Human Services, and South Korean intelligence agencies have reached this conclusion. In a joint alert released on February 9, the group stated that the North Korean government was using ransomware profits in the form of cryptocurrency to fund other cyber operations, such as spying on US and South Korean defense sector and Defense Industrial Base (DIB) organizations. According to the agencies, the revenue from these cryptocurrency operations supports DPRK national-level objectives. Their advisory also urged ransomware victims in the healthcare and critical infrastructure sectors not to pay ransoms, as doing so does not ensure the recovery of information and records and could entail sanctions risks. The Journal of the American Medical Association (JAMA) reported earlier this year that the number of ransomware attacks against healthcare organizations doubled between 2016 and 2021. Furthermore, 44 percent of the 374 ransomware attacks on healthcare organizations in the US over this time period disrupted patient care. This article continues to discuss CISA, FBI, and South Korean intelligence agencies warning that the North Korean government is sponsoring ransomware attacks to fund its cyber espionage activities.
Dark Reading reports "Healthcare in the Crosshairs of North Korean Cyber Operations"