The FBI warns Oklahoma organizations of ransomware attacks after a metro clinic fell victim to it this week.
Officials said those attackers will target any organization when the opportunity comes.
“Many times, unfortunately a lot of companies, the first indication there’s an issue is when their system is encrypted and they no longer have access,” explained Supervisory Special Agent, Eric Littlepage.
To be targeted, to get hacked and have sensitive information held for ransom should be a concern for organizations of all sizes per the FBI.
The Oklahoma City Indian Clinic is a recent victim of the cyber-crime, they were hacked earlier this month.
The use of ransomware is an illegal activity that’s becoming more streamlined.
“Now we’ve seen a lot more where there’s a ransomware as a service, which is more like a business model,” explained Special Agent Littlepage.
He continued, “Specific groups that are generating or creating the tools and the encryption methods and the vector of attack and they’re selling it to sub-contractors that are conducting the intrusion and then paying the overall ransom group a fee.”
The OKC Clinic released this statement after they were hacked:
“Earlier this month, Oklahoma City Indian Clinic (OKCIC) discovered that certain systems were inaccessible and immediately deployed all available resources to investigate, including third-party forensic specialists. As part of our investigation, we discovered that the OKCIC was the victim of a cyber attack. While our investigation remains ongoing at this time, we currently do not have evidence of unauthorized access to patient information. OKCIC is taking the necessary and appropriate steps to address this incident and comply with applicable regulations, and will continue to do so as our investigation proceeds.”
The ransomware group claims to have 350 gigabytes of data with health records and financial documents.
The attack also impacted some computer systems and the clinic’s auto-prescription refill system.
The easiest way for hackers to get in is through unknowing employees.
“A huge weak link in any organization is really just phishing attempts,” explained Special Agent Littlepage.
“Suspicious emails that come in, employees that click on those links could potentially compromise the entire organization.”
Remote work has magnified the issue. Strong passwords and multi-factor authentication are also a good idea for employees.
Organizations should keep all software up to date. Any company that is a victim should gather as much information as possible and contact the FBI.
“Whether it simply could IP addresses that were the vector of attack, letting us have that information. We could use that to begin investigating and determining who that actor was and attributing where they are whether that’s in the US or outside the US,” said Special Agent Littlepage.
To report a cyber-attack call the local FBI office or go to https://www.ic3.gov/