FBI warns US healthcare providers of imminent TrickBot attack wave

The Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the U.S. Department of Health and Human Services (HHS) warned U.S. healthcare facilities about a “growing and imminent threat” of TrickBot ransomware attacks. The agencies said in a joint statement.

Ransomware Activity Targeting the Healthcare and Public Health Sector by ForkLog on Scribd

According to the document, the FBI, CISA and HHS have credible information about an impending wave of ransomware attacks targeting American hospitals and healthcare providers.

The primary threat to healthcare facilities is TrickBot malware, which attackers are continually refining.

“What began as a banking trojan and a descendant of Dyre is now providing operators with a full toolkit to carry out a range of illicit activities, including credential harvesting, mining, data theft and deploying ransomware such as Ryuk,” the statement said.

According to some sources, TrickBot is run by Russian hackers.

Earlier this year, many US healthcare facilities have already faced cyberattacks. In September, Universal Health Services, one of the United States’ largest hospital networks, became the victim of a major attack.

In October, news emerged of an international operation to neutralize TrickBot. Microsoft, ESET, NTT, Black Lotus Labs and others participated. It is believed that US military personnel were involved in the operation to take the botnet offline.

Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news stream, ForkLog — the most important news and polls.