U.S. security authorities have issued a joint warning that North Korean state-sponsored hackers may target hospitals and other health care facilities in the United States using ransomware.
The Federal Bureau of Investigation, the Treasury Department and the Cybersecurity and Infrastructure Security Agency issued the joint warning on Wednesday.
In the warning, the agencies said North Korean hackers have been using Maui ransomware since at least May 2021 to target healthcare and public health sector organizations.
Ransomware is a form of malicious software or malware that locks up a victim’s data or computer networks, after which the perpetrator demands a ransom from the victim to make them usable again.
The U.S. agencies said North Korean state-sponsored cyber actors may have deployed the malware against healthcare and public health organizations under the assumption that healthcare organizations "are willing to pay ransoms because these organizations provide services that are critical to human life and health."
The advisory referred to guidance on how to mitigate the risk of a potential ransomware attack, while urging victims to immediately report an attack to authorities. It also discouraged paying ransoms because it does not guarantee files and records will be recovered and may put an institution at risk of violating sanctions.