Ransomware is one of the world’s most pervasive and damaging cyber threats. This is particularly true when we consider that hospitals and health care-related facilities are some of the favorite targets of these ransomware criminals.
According to Dr. Tedros Ghebreyesus, Director-General of the World Health Organization, cyber criminals launch ransomware attacks at the digital infrastructure of health facilities, disrupt or shut them down, and demand payment for ending the attack. They believe that the greater the threat to patient safety, confidentiality and service disruptions, the more likely and faster they are to be paid the ransom they can demand.
“Ransomware attacks will continue, and perpetrators will thrive, as long as ransoms are being paid and criminals can evade capture, particularly by fleeing across borders,” said Anne Neuberger, U.S. Deputy National Security Advisor.
“Ransomware attacks are attractive to cybercriminals because of the large individual ransom payments. For a group like BlackCat, which received more than $420 million in ransom payments since 2019, this is a thriving business.”
To end this scourge, said Anne Neuberger, “States should not knowingly allow their territory to be used for internationally wrongful acts using information and communications technologies. “At the same time, they must mitigate malicious activity directed from their territory toward another state.
“So when ransomware [actors] in one state target critical infrastructure like hospitals in another, it is incumbent on the first state to take action to investigate and mitigate that activity … especially when they have been asked to do so.”
“Yet some states – most notably Russia – continue to allow ransomware actors to operate from their territory with impunity, even after they have been asked to rein it in,” said Anne Neuberger. “The developer and administrator of the cybercriminal gang LockBit is Russian national Dimitry Khoroshev.”
“Instead of adhering to its UN commitments, Russia continues to harbor these criminals. The United States implores states not to follow Russia’s practice in protecting international cybercriminals and reiterates our request for states to follow the Framework for Responsible State Behavior in Cyberspace as a matter of upholding international peace and security.”
“We issue today a call to action,” said Deputy National Security Advisor Neuberger. “Countries that experience a ransomware attack against a hospital should inform the country of origin of the attack and request that they take action in line with their UN commitments regarding responsible state behavior in cyberspace.”
