Pharmacies and hospitals nationwide are experiencing disruptions as a result of ransomware attacks, which leaves patients with difficulties filling prescriptions or obtaining medical care. UnitedHealth Group, a healthcare provider in the United States, announced on Thursday that it had been hacked by a ransomware gang known as Black Cat, otherwise known as AlphV.
There was a breach of security at Optum last week, causing its digital healthcare payment platform, known as Change Healthcare, to be taken offline as a result of a "cybersecurity issue." Optum, which provides healthcare benefits across the United States, announced last week that it was impacted by a "cybersecurity issue."
There are a variety of legal issues that have resulted in hospitals, pharmacies and other healthcare providers being unable to access the popular payment platform or purposefully disabling connections to its network so as not to allow hackers to gain access to the sensitive data. In a statement on Monday, UnitedHealth estimates that more than 90% of the 70,000 pharmacies in the U.S. have had to change how they processed electronic claims in response to the outage, as more than 90% of them are going to change how they process claims in the future.
A UnitedHealth executive on a conference call with cybersecurity officers was quoted as saying that, according to a UnitedHealth executive who spoke on a conference call with cybersecurity officers, the outage could last "weeks," despite UnitedHealth reiterating that there are workarounds to ensure customers get access to medications.
According to a recording obtained by STAT News, the outage could last up to a week.
In a report released by UnitedHealth, it was determined that BlackCat, or AlphV, is responsible for the breach, a conclusion which was supported by the group itself claiming credit on its dark web leak site, as well as the hiring of multiple outside firms, including top cybersecurity companies Mandiant and Palo Alto Networks.
After a few days, the post had been removed from the website.
It is, however, interesting that the ransomware gang may also be responsible for the attack. A few months ago, the FBI broke into the group's internal servers to steal information regarding decryption tools for its victims as well as to seize control of several of its websites.
In celebration of the disruption, which involved multiple foreign governments, the U.S. government celebrated its success. According to Deputy Attorney General Lisa Monaco, the Justice Department has disrupted the Black Cat ransomware group for the second time by hacking the hackers. As a result of Black Cat's apparent ability to regroup and breach one of the nation's largest healthcare organizations, it is evident that reducing these groups for long periods is quite difficult.
When a cybercriminal suffers a setback, the criminals will frequently reassemble, especially if their operators reside in countries where their law enforcement agencies are lax about prosecuting their crimes as a result of their laziness.