Clearly must be time for more sanctions relief.
Iranian government-backed hackers were behind an attempted hack of the Boston Children’s Hospital computer network last year, FBI Director Christopher Wray alleged Wednesday, calling it “one of the most despicable cyberattacks I’ve ever seen.”
The FBI was able to help thwart the hackers before they did damage to the hospital’s computer network, according to Wray, but he cited it as an example of the potential high-impact hacking threats that the US faces from the governments of Iran, Russia, China and North Korea.
“We cannot let up on China or Iran or criminal syndicates while we’re focused on Russia,” Wray said in a speech at Boston College.
There’s no obvious reason to hit the hospital, but some hacking groups are looking for any substantial targets of opportunity. This was around the time of the massive Fortinet leak and it might just have been a matter of being able to hit a big vulnerable target.
But Iran, like other rogue nations, is also launching ransomware attacks. Ransomware hacks, which are used to demand cryptocurrency payoffs, are a useful method for sanctioned nations like North Korea, Russia, and Iran to get money.
Microsoft has detailed the activities of six Iranian hacker groups that are behind waves of ransomware attacks that have arrived every six to eight weeks since September 2020.
Russia is often seen as the home of the biggest cyber-criminal ransomware threats, but state-sponsored attackers from North Korea and Iran have also shown a growing interest in ransomware.
Microsoft said Iranian hacking groups are using ransomware to either collect funds or disrupt their targets, and are patient and persistent while engaging with their targets – although they will use aggressive brute-force attacks.
The timing would have been about right.
The Boston Children’s Hospital incident was one of several that prompted a public warning last November from the FBI and other agencies that Iranian government-backed hackers were targeting a range of organizations across the transportation and health care sectors.
Why transportation and health care? They’re critical and therefore more likely to pay out. Also they’re poorly secured. That makes them easy marks.
For now, we haven’t faced a really catastrophic hack like Costa Rica’s health care system did, but the growing dependency on online data solutions and health care in the cloud means that we could effectively see the shutdown of a lot of medical care with the right kind of attack. That’s the ridiculous pathway we’ve gone down. And it’s something we need to rethink.