FBI Reveals Massive Hacking Group Linked To Kim Jong Un In North Kore

(PresidentialHill.com)- In a joint advisory, the Federal Bureau of Investigation (FBI), the Department of the Treasury, and the Cybersecurity and Infrastructure Security Agency (CISA) warned that  North Korean state-sponsored cyber actors have been using the Maui ransomware to target the healthcare sector.

According to the advisory, the FBI addressed many Maui ransomware occurrences affecting HPH Sector firms since May 2021. In these events, North Korean state-sponsored cyber actors encrypted systems in charge of healthcare services. Those services included electronic health records, diagnostics, imaging, and intranet services. In certain instances, these attacks caused long-lasting interruptions in the services offered by the targeted HPH Sector firms. It is uncertain what was the original access vector for these events.

According to tech reports, based on industry research of a sample of Maui ransomware, the strain encrypts its target files using a mix of the Advanced Encryption Standard (AES), RSA, and XOR.

The advisory further stated that the North Korean state-sponsored cyber attackers probably presume healthcare organizations are prepared to pay ransoms since these organizations provide services essential to human life.

The FBI, CISA, and Treasury pushed the healthcare industry to implement critical public infrastructure and digital certificates to authenticate EHR systems, IoT medical devices, and other connections inside the network to limit data access and reduce risk. Organizations should also assess their procedures for storing, gathering, and accessing PHI and HIPAA-required security measures.

A request for any data on bitcoin wallets, IP addresses, and decryptor files connected to the Maui ransomware was concurrently made by the FBI.

According to John Hultquist, vice president of Mandiant Intelligence, ransomware assaults targeting healthcare are a fascinating development, given the focus these players have put on this industry since the release of COVID-19.  Hultquist claimed it was not uncommon for an actor to pay for access that was maybe obtained as part of a cyberespionage operation.

Recently, Hultquist’s firm noticed North Korean players concentrating on more conventional diplomatic and military groups instead of healthcare targets.
Hultquist pointed out that despite this, healthcare institutions are particularly susceptible to this kind of extortion because of the dangers involved in a successful cyber breach. This causes monetary and reputational damages and negative effects on patient care.

Is this the “Accessible Healthcare” that the Democrats envisioned from Obamacare?