North Korea using ransomware attacks on healthcare as revenue source, Feds say 

North Korean state-sponsored ransomware groups are targeting South Korean and U.S. healthcare organizations with Maui and H0lyGh0st ransomware as a way to raise revenue for the North Korean government, according to a Feb. 9 U.S. government cybersecurity advisory. 

The groups demand cryptocurrency ransoms and then use the funds for espionage cyber operations targeting the U.S. and South Korea. In July, the U.S. government recovered $500,000 that two hospitals paid as a ransom to North Korean hackers.

The Feb. 9 advisory warning is an update of a warning that came in July.

The Democratic People's Republic of Korea often obfuscates its involvement in the ransomware attacks by working through a foreign third-party affiliate.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars