Cyber Attack On US Children's Hospital

Uploaded on 2022-06-07 in INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW, BUSINESS-Services-Health & Welfare

In June 2021, hackers working for the Iranian government attempted to break into and damage computer systems at Boston Children’s Hospital. This exploit has now been confirmed by the Federal Bureau of Investigation (FBI) Director Christopher Wray who explained this at the Boston College Cyber Security Conference.

The attempted cyber attack took place in June 2021, the attackers exploited popular software made by California-based firm Fortinet to control the hospital's computer network. The FBI was able to help thwart the hackers before they did damage to the hospital's computer network, said FBI Director Wray.

It remains unclear what was the reason behind the cyber attack on the hospital. Boston Children's Hospital has more than 400-beds and is considered one of the premier pediatric centers in the US. The FBI was able to help stop the hackers before they managed to do any damage, according to Wray,

Wray cited this attempt as an example of the potential high-impact hacking threats that the US faces from the governments of Iran, Russia, China and North Korea.

"We cannot let up on China or Iran or criminal syndicates while we're focused on Russia," Wray said in a speech at Boston College. He said the bureau and Boston Children’s Hospital had worked closely together after a hacktivist attacked the hospital’s computer network in 2014. 

In 2014, a US citizen named Martin Gottesfeld launched a  cyber attack at the hospital to protest the care of a teenager at the center of a high-profile custody battle and later was subsequentoy sentenced to 10 years in prison. The Gottesfeld attack cost the facilities tens of thousands of dollars and disrupted operations for days. “Children’s and our Boston office already knew each other well, before the attack from Iran, and that made a difference,” Wray said.

The FBI and other federal agencies have been working to assure hacking victims that it is in their best interest to report intrusions and cyber crimes. Many companies attacked by ransomware gangs often don’t go to the FBI for a variety of reasons.

One unnamed Fortune 500 company told committee staff that the FBI did not offer any “helpful assistance” when responding to a ransomware attack. “For example, the FBI offered their hostage negotiator who appeared to have little expertise in responding to ransomware attacks,” the report said. 

JPost:      PBS:    CNN:       WSJ:      Reuters:     ABC:      FoxNews:     Times of Israel:

You Might Also Read: 

Ransomware, Iranian Hackers & Pornography:

 

« For Sale: Academic Credentials
US Supreme Court Blocks Texas Law On Social Media ‘Censorship’ »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CyberSecurityJobsite.com

CyberSecurityJobsite.com

CyberSecurityJobsite.com is a specialist job board designed to attract candidates working within Cyber Security, Information Security or Information Assurance.

NXP Semiconductors

NXP Semiconductors

NXP is a world leader in secure connectivity solutions for embedded applications and the Internet of Things.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

Infodas

Infodas

Infodas provides Cybersecurity and IT consulting / system integration services as well as a range of innovative Cybersecurity products to public sector and commercial clients.

PhishX

PhishX

PhishX is a SaaS platform for security awareness that simulates Cyberthreats, train people, while measure and analysis results, reducing Cybersecurity risks for People and Companies.

Shift5

Shift5

Shift5 focus on securing operational technology (OT) by building best-in-class, dual-use products serving military and commercial entities.

Infosec Global

Infosec Global

Infosec Global provides technology innovation, thought leadership and expertise in cryptographic life-cycle management.

Vijilan Security

Vijilan Security

Vijilan provides 24/7 SOC services to MSPs/VARs. Our Security Operations Center is global, and our services are exclusive to the Channel.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

PreCog Security

PreCog Security

PreCog Security is a US based cybersecurity risk mitigation company. We specialize in helping you find, minimize and manage vulnerability risk within your product, network and process.

Oman Data Park

Oman Data Park

The Data Park is Oman’s premier IT Managed Services provider. We offer a superior Tier 3 Data Center network providing cyber security and cloud services.

Dutch Institute for Vulnerability Disclosure (DIVD)

Dutch Institute for Vulnerability Disclosure (DIVD)

DIVD's aim is to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them.

Drumz

Drumz

Drumz plc is an investment company whose investing policy is to invest principally but not exclusively in the technology sector within Europe.

Mondoo

Mondoo

Mondoo is a powerful security, compliance, and asset inventory tool that helps businesses identify vulnerabilities, track lost assets, and ensure policy compliance across their entire infrastructure.

National Information and Cybersecurity Council (NICC)

National Information and Cybersecurity Council (NICC)

National Information and Cybersecurity Council is a leading collaborative effort between Government of India and Industry to raise Cybersecurity awareness nationally.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

TeamT5

TeamT5

TeamT5 Inc. is a leading cybersecurity company dedicated to cyber threat research and solutions.