FBI prevents Nebraska hospital cyberattack

The bureau was able to work with the health center to isolate a server infected with malware and prevent any compromise to patient data.
By Andrea Fox
03:58 PM

FBI Director Christoper Wray

Credit: Chip Somodevilla/Getty Images

Butler County Health Care Center in David City, Nebraska, dodged a malware attack planted just before July 4th, thanks to quick action by the FBI.

WHY IT MATTERS

Law enforcement investigators in Ireland tipped off the federal agency about cyberattacks in Nebraska and Iowa in July, according to NBC-affiliate WOWT/6 News on August 10. 

In addition to the hospital, the attackers also targeted large grain co-ops within the Omaha FBI's jurisdiction over the past year. The IT director for Butler County Health Care Center, Cynthia Neesen, worked with the FBI to identify the compromised server and took it offline.

Reportedly, no patient information was compromised. But, it's unknown when the cyberattackers would have initiated the ransomware or what action they would take with the hospital's data. 

"There's a lot of things they could have done," said Neesen, acknowledging an encryption attack that would hold patient data hostage could affect patient care.

Past ransomware attacks have also been able to compromise data like patient names, social security numbers, dates of birth, home addresses, provider and specific health information. 

In a poll of more than 5,000 healthcare IT professionals, ransomware attacks on healthcare organizations near-doubled from 2020 to 2021.

FBI Director Christoper Wray joined the Omaha FBI office on August 10 to make the announcement about the July incidents. Ken Schmutz, the Omaha FBI's cyber task force supervisor, said phishing emails are the primary cause of these incidents.

According to the local report, the FBI shared that it has 1,000 cyber field officers deployed throughout the U.S., and could have an agent at the location of a cyberattack in one hour.

THE LARGER TREND

It's becoming regular news for the FBI, Homeland Security's Cybersecurity and Infrastructure Security Agency and others to issue warnings of ransomware aimed at healthcare organizations. 

Just this week, the agencies issued a joint advisory about the Zeppelin ransomware-as-a-service variant, which is targeting hospitals and public health organizations.

But cybersecurity agencies are also working hard to fight back and prevent costly cyberattacks.

In May, the U.S. Department of Justice was able to seize $500,000 from the North Korean state-sponsored Maui ransomware platform, including two ransom payments made by Kansas and Colorado hospitals in 2021 and 2022. 

In June, the FBI announced it had thwarted an August 2021 attack by Iran-sponsored hackers on Boston Children's Hospital after getting a report from one of its intelligence partners before the attack could damage the hospital's infrastructure.

"Our folks got the hospital’s team the information they needed to stop the danger right away. We were able to help them ID and then mitigate the threat," Wray had said when that announcement was made on June 1. 

He added that the agency can shift resources quickly to respond to state-sponsored cyberterrorism and threats from cybercriminal syndicates.

ON THE RECORD 

"I think they are going after everybody, to tell you the truth, I think – if they can find a chink in the armor that most companies have set up," Neesan told WOWT/6 News.

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS publication.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.