Cyber Attack On US Children's Hospital

In June 2021, hackers working for the Iranian government attempted to break into and damage computer systems at Boston Children’s Hospital. This exploit has now been confirmed by the Federal Bureau of Investigation (FBI) Director Christopher Wray who explained this at the Boston College Cyber Security Conference.

The attempted cyber attack took place in June 2021, the attackers exploited popular software made by California-based firm Fortinet to control the hospital's computer network. The FBI was able to help thwart the hackers before they did damage to the hospital's computer network, said FBI Director Wray.

It remains unclear what was the reason behind the cyber attack on the hospital. Boston Children's Hospital has more than 400-beds and is considered one of the premier pediatric centers in the US. The FBI was able to help stop the hackers before they managed to do any damage, according to Wray,

Wray cited this attempt as an example of the potential high-impact hacking threats that the US faces from the governments of Iran, Russia, China and North Korea.

"We cannot let up on China or Iran or criminal syndicates while we're focused on Russia," Wray said in a speech at Boston College. He said the bureau and Boston Children’s Hospital had worked closely together after a hacktivist attacked the hospital’s computer network in 2014. 

In 2014, a US citizen named Martin Gottesfeld launched a  cyber attack at the hospital to protest the care of a teenager at the center of a high-profile custody battle and later was subsequentoy sentenced to 10 years in prison. The Gottesfeld attack cost the facilities tens of thousands of dollars and disrupted operations for days. “Children’s and our Boston office already knew each other well, before the attack from Iran, and that made a difference,” Wray said.

The FBI and other federal agencies have been working to assure hacking victims that it is in their best interest to report intrusions and cyber crimes. Many companies attacked by ransomware gangs often don’t go to the FBI for a variety of reasons.

One unnamed Fortune 500 company told committee staff that the FBI did not offer any “helpful assistance” when responding to a ransomware attack. “For example, the FBI offered their hostage negotiator who appeared to have little expertise in responding to ransomware attacks,” the report said. 

JPost:      PBS:    CNN:       WSJ:      Reuters:     ABC:      FoxNews:     Times of Israel:

You Might Also Read: 

Ransomware, Iranian Hackers & Pornography:

 

« For Sale: Academic Credentials
US Supreme Court Blocks Texas Law On Social Media ‘Censorship’ »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BCS, The chartered Institute for IT

BCS, The chartered Institute for IT

BCS provides IT professionals with up to date and relevant certifications enabling them to manage IT security effectively within their budget.

Lookout

Lookout

Lookout is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack.

Australian Signals Directorate (ASD)

Australian Signals Directorate (ASD)

The Australian Signals Directorate is an intelligence agency in the Australian Government Department of Defence.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Elastic

Elastic

Elastic is the world's leading software provider for making structured and unstructured data usable in real time for search, logging, security, and analytics use cases.

LiveVault

LiveVault

LiveVault delivers fully automated, turnkey, backup over the Internet or a private network connection for uninterrupted remote data protection.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Liongard

Liongard

Liongard automates the management and protection of modern IT environments at scale for IT MSPs - Managed Service Providers and Enterprise IT Operations.

Spin Technology

Spin Technology

SpinOne is a SaaS data protection platform designed to monitor, secure, and back up your G Suite and O365 data, improve compliance, and reduce IT costs.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Probity

Probity

Probity Inc. is a certified software development and systems engineering company, providing support to federal government and national defense related clients.

CyberUp

CyberUp

CyberUp is a nonprofit organization created to strengthen the cybersecurity workforce. We help employers reimagine how they grow and scale their cybersecurity workforce.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.