US federal agencies issued a joint advisory on Wednesday regarding North Korean state-sponsored cyber actors using Maui ransomware to target the healthcare sector.
The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department have said that a particular ransomware has been used by North Korean government-backed hackers since at least last spring to target security industry organizations. health and public health.
“This malicious activity by North Korean state-sponsored cyber actors against the healthcare and public health sector poses a significant risk to organizations of all sizes,” said Eric Goldstein, Deputy Executive Director of CISA. for cybersecurity.
The advisory also provides steps the healthcare industry can take to mitigate and prevent ransomware attacks. Some of the recommendations include regularly installing and updating anti-virus and anti-malware software, implementing user training programs and phishing exercises, and avoiding using public Wi-Fi networks.
Agencies have also discouraged healthcare organizations from paying ransoms as it does not guarantee the recovery of stolen data. Instead, companies should adopt and improve cybersecurity best practices and report ransomware attacks to law enforcement.
“North Korean state-sponsored cyber actors likely assume that healthcare organizations are willing to pay ransoms because these organizations provide services essential to human life and health,” the notice reads. .
“Because of this assumption, the FBI, CISA, and Treasury believe that North Korean state-sponsored actors will likely continue to target [health care and public health] sector organizations.
This is the latest joint advisory regarding North Korean government-backed hackers. In April, the same federal agencies warned of increasing cyber threats involving the cryptocurrency of a North Korean group.
The agencies said the group targets various organizations in the cryptocurrency industry, such as crypto video games, crypto trading firms, and individual holders of valuable non-fungible tokens, often referred to as NFTs.
The April notice followed an FBI press release alleging that North Korean hackers were responsible for the theft of approximately $620 million in cryptocurrency in March from Axie Infinity, a virtual video game that uses NFT.