By Frank Pallotta, CNNMoney
Hospitals in the United States are being warned about an ongoing cyberattack, the Centers for Medicare and Medicaid Services said Sunday.
CMS said in a statement that payment and access to critical health information systems are the motive behind the attack.
Hospitals are alerted of the attack through a “ransomware notification kit” sent to them. The malware restricts access to patient records and threatens to shut down certain facilities unless certain payment demands are met. The kits contain encrypted backups of patient data.
Two weeks ago, UK hospital groups including the Royal Free and St. Mary’s warned patients about a cyberattack.
“The threat posed by ransomware has grown considerably in recent years and healthcare organizations should take notice of the attacks we’ve seen around the world,” said Health and Human Services Secretary Alex Azar in a statement.
“All hackers would love to see data held hostage to receive some kind of payment. In the end, ransomware comes off as a blackmailer saying ‘this will cripple your operations, let us get paid.’ In this case, the hacker is demanding payment to decrypt all patients’ medical records,” Azar added.
Azar said the government is working with antivirus software companies, companies that provide critical infrastructure security and other experts to help uncover the hackers and determine if they have access to other victims.
If the hackers have access to other U.S. facilities, officials warn hospitals to back up all patients’ medical data on another network.
HHS has also advised hospitals to protect their network data with good security practices like hardening networks, updating software and patching vulnerabilities. They are also advised to report any ransomware attacks they see to the government.