Three federal agencies said Wednesday that North Korean hackers have been attacking the health care sector with ransomware, and cautioned victims that paying up could run afoul of U.S. sanctions rules.
The FBI, the Department of Homeland Security’s Cybersecurity an Infrastructure Security Agency and the Treasury Department said in an alert that the hackers were using a kind of ransomware dubbed “Maui” to go after health care and public health organizations.
“This malicious activity by North Korean state-sponsored cyber actors against the healthcare and public health sector poses a significant risk to organizations of all sizes,” said CISA’s executive director for cybersecurity, Eric Goldstein.
“They’re pretty ruthless, as we have seen in the past. And the fact that there’s an urgency by the health care sector to continue the uninterrupted provision of health care is a reason why they’re targeting health care.”
It’s not the first time the U.S. has accused Pyongyang of wreaking havoc on the health care sector. Most notably, the U.S. and U.K. blamed North Korea for the 2017 WannaCry outbreak, which led to canceled surgeries and postponed medical appointments in the U.K. after the bug worked its way into the National Health Service.