Hackers Linked to Iran Target Another US Health Care Institution

On Tuesday this week, researchers revealed that a group of hackers linked to the Iranian government had targeted another United States medical institution toward the end of February, prior to the onset of the current military conflict between the U.S., Israel and Iran. This is the second such attack.

This attack is noteworthy because the information comes on the heels of another attack in which Stryker, a medical device firm in America, was targeted and had its data deleted. Handala, a hacktivist group linked to Iran, claimed responsibility for the Stryker attack, which resulted in about 80,000 systems being deleted. Stryker is currently restoring its systems and the attack has now been contained.

It isn’t clear whether other attacks traceable to groups with links to the Iranian government have happened, but these two known ones raise concern.

Pay2Key, the hacktivist group behind this recent attack, has been active since 2020. It has largely focused its attacks on Western targets, particularly Israeli and American ones. Its activities have ramped up each time tensions between Iran and the U.S. have escalated, and it is reasonable to expect that it could conduct more attacks now that tensions between the two countries have boiled over into a military conflict.

In this attack, the hackers seem to have compromised an administrator’s account in order to gain access to the systems of the medical institution. Once in, the team went quiet for a number of days before deploying ransomware within the system. Investigators say the actors took only three hours to deploy the malicious code and encrypt files within the medical institution’s database.

Two things are raising questions about the reasons behind this attack. First, the group didn’t extract any data from the systems it accessed. Second, it didn’t make any demands for ransom, as is typical after such an attack has been executed. Investigators are wondering why the group would undertake such an attack but hold off on making any demands, exfiltrating data or even deleting files.

On Friday, the FBI cautioned that hackers with links to Iran were leveraging Telegram to target opposition groups, journalists and dissidents opposed to the regime in Iran. 

As reports emerge of peace talks between the U.S. and Iran geared at ending the conflict, the threats and counterthreats between the two countries that energy infrastructure could be targeted call for added cyber vigilance, since hacking incidents could also escalate. Players in the U.S. health care system, such as Astiva Health, may need to conduct frequent reviews of their cybersecurity measures to minimize the risk of being targeted.

About BioMedWire

BioMedWire (“BMW”) is a specialized communications platform with a focus on the latest developments in the Biotechnology (BioTech), Biomedical Sciences (BioMed) and Life Sciences sectors. It is one of 75+ brands within the Dynamic Brand Portfolio @ IBN that delivers: (1) access to a vast network of wire solutions via InvestorWire to efficiently and effectively reach a myriad of target markets, demographics and diverse industries; (2) article and editorial syndication to 5,000+ outlets; (3) enhanced press release enhancement to ensure maximum impact; (4) social media distribution via IBN to millions of social media followers; and (5) a full array of tailored corporate communications solutions. With broad reach and a seasoned team of contributing journalists and writers, BMW is uniquely positioned to best serve private and public companies that want to reach a wide audience of investors, influencers, consumers, journalists and the general public. By cutting through the overload of information in today’s market, BMW brings its clients unparalleled recognition and brand awareness.

BMW is where breaking news, insightful content and actionable information converge.
