During a United Nations Security Council briefing, the Biden administration called ransomware attacks a “public health crisis” that transcends typical cybersecurity threats. Officials also requested international collaboration in safeguarding healthcare infrastructure.
What happened
Anne Neuberger, deputy national security adviser at the White House, addressed the UN Security Council, stressing that ransomware has become a public health and safety issue. In a joint statement, 54 UN member states urged collective action to "strengthen the cybersecurity and resilience of our critical infrastructure" amid increasing threats to healthcare and emergency services.
Neuberger pointed to Russia’s leniency toward cybercriminals in exacerbating the crisis, accusing the nation of allowing ransomware actors to operate within its borders without consequence.
The backstory
Ransomware attacks have become increasingly prevalent, particularly impacting the healthcare sector. In 2021, the Biden administration launched its anti-ransomware strategy to improve the country’s cyber defenses. The strategy focused on treating ransomware as a national security threat and coordinating with international partners to disrupt the infrastructure supporting ransomware gangs.
The approach resulted in various successes, including the Counter Ransomware Initiative, with 41 nations pledging not to pay ransoms. However, as ransomware groups have evaded law enforcement, challenges persist, particularly with state-sponsored entities providing indirect support to cyber criminals.
Going deeper
Russian-based ransomware groups like BlackCat and LockBit were responsible for over 30% of all healthcare-targeted ransomware incidents worldwide last year. These attacks often leverage double-extortion tactics, where data is encrypted and exfiltrated. These tactics prolong service disruptions and pose direct risks to patient safety.
The FBI documented 249 ransomware incidents in US healthcare facilities in 2023, and the threat continued to intensify in 2024, with nearly 200 attacks occurring within the first six months alone.
Related:
What was said
Neuberger accused Russia of hosting ransomware actors who "operate with impunity." She also stressed that these sophisticated attacks strain healthcare resources, causing delayed treatments and forcing hospitals to divert patients.
Furthermore, the UN statement declared, “The increasing threat of ransomware is detrimental to all of us,” calling for international cooperation in addressing ransomware.
Why it matters
The direct link between ransomware groups and Russia presents a geopolitical challenge, complicating law enforcement efforts due to a lack of cooperation. These tacks are crippling healthcare systems globally, undermining public health and patient safety.
The bottom line
As ransomware evolves, international cybersecurity cooperation must improve to mitigate this threat and protect public services.
Read also: HHS identifies healthcare’s most urgent cyber threats
FAQs
What is the Counter Ransomware Initiative?
Biden administration-led initiative with several international agreements aimed at deterring ransomware attacks. These agreements aim to improve cyber defenses and incident response protocols and commit to never paying ransom demands. It also includes cross-border law enforcement operations that “name and shame” ransomware actors and disrupt their operational infrastructure.
Why is the healthcare sector a major target of ransomware attacks?
Healthcare facilities handle individuals’ sensitive personal and medical data and operate with minimal downtime, making them attractive targets for cybercriminals.
Can email encryption improve cybersecurity?
Yes, HIPAA compliant email solutions, like Paubox, offer advanced encryption that converts email content into a secure format only authorized recipients can access. Ultimately, it prevents unauthorized PHI disclosure that leads to costly data breaches and costly HIPAA fines.
