Federal officials issued a warning on Wednesday that a series of ransomware attacks has been initiated with the intent to target U.S. hospitals. The announcement came from a joint task force that includes the FBI, The U.S. Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency.

Ransomware has been an ongoing threat to the American healthcare system, costing them tens of millions of dollars in recent years. The attacks typically will encrypt data such as patient records and billing information, and hold the data hostage until the hospital agrees to pay a large sum of money to have the info returned to them.

According to the task force, five hospitals have already been attacked this week.

"CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers," the advisory said. "CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats."

“We are experiencing the most significant cyber security threat we’ve ever seen in the United States,” said Charles Carmakal, chief technical officer of Mandiant, a cybersecurity firm.

The attacks are being carried out by a Russian-speaking criminal group that appear to be motivated purely by profit.  Charles is concerned the group will deploy hundreds of attacks targeting hospitals over the next few weeks.

According to a study conducted by Check Point research, ransomware attacks increased 50% in the last three months, over the first half of 2020.  The research in the study also noted that hospitals and health care organizations were the hardest hit.  The survey also disclosed that some of the attacks demanded a ransom of over $5 million.

Hospitals are often targeted because cybercriminals know that hospitals are among the organizations that are most likely to pay the ransom. In Germany, a woman passed away when a hospitals was unable to admit her as they were being attacked by ransomware. In June, the University of California San Francisco paid a ransom of $1.14 million to cybercriminals.

The recent string of security attacks, which have doubled in frequency from the second quarter to the third, have caused an inconvenience for medical facilities.  Some hospitals have started to take records on paper, and others have even had to turn ambulances away by redirecting them to other facilities.

These criminals currently suspected of attacking American medical institutions are using a strain of ransomware called Ryuk. Ryuk is spread through a network of Zombie computers called Trickbot. Microsoft has been combating Trickbot since early October, with success – but criminals are still finding ways to spread the ransomware.

Back in September, all 250 hospitals in the Universal Health Services network were struck with a Ransomware attack that forced medical professionals to keep records using pencil and paper.  This resulted in slower record-keeping and lab work.

Alex Holden, CEO of Hold Security has been tracking this strain of the ransomware for over a year. After monitoring several attempts to infect hospitals systems at the end of October, Holden said he alerted Federal officials.

Holden described that the group was demanding a ransom of over $10 million per target and that there were plans to attack more than 400 other medical facilities.

"One of the comments from the bad guys is that they are expecting to cause panic and, no, they are not hitting election systems," Holden said. "They are hitting where it hurts even more and they know it."

Story via USA Today