January 8, 2024 at 01:29PM
Threat actors are targeting medical institutions through “swatting,” a form of pressure tactic involving fake bomb threats to force hospitals to pay ransom demands. Intrusions at Fred Hutchinson Cancer Center and Integris Health illustrate the escalation in cyber-extortion tactics. It remains to be seen whether these measures will yield ransom payments.
Based on the meeting notes, it’s clear that threat actors are using the tactic of “swatting” to target medical institutions through their patients. This involves making repeated false reports to the police about bomb threats or other serious allegations involving the patients, leading to law enforcement showing up at the patients’ homes heavily armed. The threat actors are using this extreme form of pressure to convince hospitals to pay ransom demands, as seen in incidents at the Fred Hutchinson Cancer Center and Integris Health.
These incidents illustrate an escalation of tactics by cybercriminals, and it’s noted that some patients received emails from threat actors preparing to sell their personal information if demands were not met. It’s important for institutions to be aware of these tactics and collaborate with law enforcement, such as the FBI and local police, to respond to and investigate such cyber incidents. Each institution will have to decide how to respond to these tactics in terms of potential ransom payments.