Cyber Attack On US Children's Hospital

Uploaded on 2022-06-07 in INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW, BUSINESS-Services-Health & Welfare

In June 2021, hackers working for the Iranian government attempted to break into and damage computer systems at Boston Children’s Hospital. This exploit has now been confirmed by the Federal Bureau of Investigation (FBI) Director Christopher Wray who explained this at the Boston College Cyber Security Conference.

The attempted cyber attack took place in June 2021, the attackers exploited popular software made by California-based firm Fortinet to control the hospital's computer network. The FBI was able to help thwart the hackers before they did damage to the hospital's computer network, said FBI Director Wray.

It remains unclear what was the reason behind the cyber attack on the hospital. Boston Children's Hospital has more than 400-beds and is considered one of the premier pediatric centers in the US. The FBI was able to help stop the hackers before they managed to do any damage, according to Wray,

Wray cited this attempt as an example of the potential high-impact hacking threats that the US faces from the governments of Iran, Russia, China and North Korea.

"We cannot let up on China or Iran or criminal syndicates while we're focused on Russia," Wray said in a speech at Boston College. He said the bureau and Boston Children’s Hospital had worked closely together after a hacktivist attacked the hospital’s computer network in 2014. 

In 2014, a US citizen named Martin Gottesfeld launched a  cyber attack at the hospital to protest the care of a teenager at the center of a high-profile custody battle and later was subsequentoy sentenced to 10 years in prison. The Gottesfeld attack cost the facilities tens of thousands of dollars and disrupted operations for days. “Children’s and our Boston office already knew each other well, before the attack from Iran, and that made a difference,” Wray said.

The FBI and other federal agencies have been working to assure hacking victims that it is in their best interest to report intrusions and cyber crimes. Many companies attacked by ransomware gangs often don’t go to the FBI for a variety of reasons.

One unnamed Fortune 500 company told committee staff that the FBI did not offer any “helpful assistance” when responding to a ransomware attack. “For example, the FBI offered their hostage negotiator who appeared to have little expertise in responding to ransomware attacks,” the report said. 

JPost:      PBS:    CNN:       WSJ:      Reuters:     ABC:      FoxNews:     Times of Israel:

You Might Also Read: 

Ransomware, Iranian Hackers & Pornography:

 

« For Sale: Academic Credentials
US Supreme Court Blocks Texas Law On Social Media ‘Censorship’ »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: How to improve your security posture with a web application firewall (WAF)

ON-DEMAND WEBINAR: How to improve your security posture with a web application firewall (WAF)

Watch this webinar to discover how a WAF goes beyond a standard firewall and helps you meet security industry compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

RSA Insurance Group

RSA Insurance Group

RSA is one of the world’s leading multinational quoted insurance groups. Commercial services include cyber risk insurance.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

VerifyMe

VerifyMe

VerifyMe is a global technology solutions company delivering brand protection offerings to mitigate counterfeiting, product diversion, and illicit trade.

SynerComm

SynerComm

SynerComm is an IT solution provider specializing in network and security infrastructure, enterprise mobility, remote access, wireless solutions, audit, pentesting and information assurance.

Temasoft

Temasoft

TEMASOFT is a software company focused on developing security and infrastructure products.

CHT Security

CHT Security

CHT Security is a Managed Security Service Provider (MSSP) specialized in cyber security technologies enabling enterprises to defense against cyber threats to networks, gateways and endpoints.

FireCompass

FireCompass

FireCompass SAAS platform helps CISOs & Security Teams in continuous risk assessment by mapping your attack surface and knowing the “unknown unknowns”.

UKsec: Virtual Cyber Security Summit

UKsec: Virtual Cyber Security Summit

Join 100s of UK Cyber Security Leaders Online for Expert Cyber Security Talks, Strategy Insights, Cyber Resilience Tips and More.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

Real Protect

Real Protect

Real Protect is a Brazilian provider of managed security (MSS) and cyber defense services.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

AdvIntel

AdvIntel

AdvIntel is a next-generation threat prevention and loss prevention company launched by a team of certified investigators, reverse engineers, and security experts.

Celebrus

Celebrus

Celebrus Fraud Data Platform, by D4t4 Solutions, works with existing fraud structures to augment functionality and turn fraud management into true fraud prevention.

Advent One

Advent One

Advent One are recognised for solving intricate dilemmas, not only making technology work but building foundations that customers can grow upon in an effective and secure way.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.