US Calls for Russia and Other States to Take Action Over Healthcare Ransomware Attacks
Anne Neuberger, the Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology on the National Security Council, has publicly criticized Russia for allowing cybercriminal groups to conduct ransomware attacks on US healthcare organizations and for taking no action to hold those groups accountable for the crimes.
Ransomware groups have been increasingly conducting attacks on healthcare organizations for financial gain. They steal patient data, encrypt files, and threaten to publish the stolen data if the ransom is not paid. The attacks often result in ambulances being placed on divert and appointments and surgeries being canceled, and the disruption can last for several weeks, not only at the attacked entity but also at neighboring hospitals. Studies show that ransomware attacks lead to an increase in medical complications and mortality rates, longer patient stays, and poorer patient outcomes. According to the HHS’ Office for Civil Rights, large data breaches related to healthcare ransomware attacks have increased by 264% since 2018.
Many ransomware groups are thought to operate out of Russia and have adopted policies of not conducting attacks inside Russia or any member state of the Commonwealth of Independent States (CIS). These ransomware gangs are financially motivated cybercriminal groups rather than state-sponsored hackers, and Russia turns a blind eye to the attacks provided the groups do not conduct attacks inside Russia or the CIS.
In a 2021 meeting with Russian President Vladimir Putin, President Biden pressed Putin to take action against the cybercriminal groups conducting ransomware attacks in the United States from inside Russia, and in a call later in the year expressed growing impatience as the attacks continued. “I made it very clear to him that the United States expects, when a ransomware operation is coming from his soil even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” explained Biden in a press briefing.
At a recent UN Security Council briefing, Neuberger explained that ransomware attacks on US healthcare organizations and many new ransomware variants all have a nexus with Russia, including Blackcat and LockBit, the two most prevalent ransomware groups in 2023 that were together behind 30% of all healthcare ransomware attacks worldwide. Neuberger issued a call for action and urged all countries that identify a ransomware attack on a hospital to notify the country where the attack originated, and request action be taken in line with their UN commitments regarding responsible state behavior in cyberspace.
“We must call on all Member States to collectively work together to strengthen the cybersecurity and resilience of our critical infrastructure and work to confront and disrupt the ransomware threat. When States act inconsistently with the framework, and knowingly allow ransomware actors to operate with impunity from their territories, responsible States should call out such irresponsible and destabilizing behavior and hold irresponsible actors to account. The increasing threat of ransomware is detrimental to all of us,” according to a November 8, 2024, joint statement signed by 54 countries including 3 of the 5 permanent members of the Security Council – The United States, France, and the United Kingdom – but not by Russia or China.


