FBI and CISA Warn Healthcare Facilities of Ransomware Group Daixin Team

Federal authorities warn healthcare systems to up their cybersecurity protocols.

By Mackenna Moralez


The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and department of Health and Human Services (HHS) are warning healthcare facilities of the Daixin Team, a cybercrime group that has been targeting the healthcare sector with ransomware and data extortion operations.  

The Daixin team reportedly has been targeting healthcare systems since at least June 2022. The team has caused ransomware incidents at multiple organizations and has deployed ransomware to encrypt servers, exfiltrated personal identifiable information and patient health information, and it has threatened to release the information if a ransom is not paid.  

The Daixin Team reportedly took responsibility for a ransomware attack on a Missouri hospital system in June. The Daixin Team also attacked OakBend Medical Center on Sept. 1, collecting 3.5GB of data, including over 1 million records with patient and employee information, The Hacker News reports.  

The FBI, CISA and HHS urged healthcare organizations to implement the following measures to protect against Daixin and other malicious activity: 

  • Install updates for operating systems, software, and firmware as soon as they are released. Prioritize patching virtual private network (VPN) servers, remote access software, virtual machine software and known exploited vulnerabilities. Consider leveraging a centralized patch management system to automate and expedite the process.  
  • Implement and enforce multi-layer network segmentation with the most critical communications and data resting on the most secure and reliable layer.  
  • Limit access to data by deploying public key infrastructure and digital certificates to authenticate connections with the network, Internet of Things (IoT) medical devices and the electronic health record system, as well as to ensure data packages are not manipulated while in transit from man-in-the-middle attacks.  
  • Use standard user accounts on internal systems instead of administrative accounts, which allow for overarching administrative system privileges and do not ensure least privilege.  
  • Protect stored data by masking the permanent account number when it is displayed and rendering it unreadable when it is stored through cryptography, for example.  
  • Secure the collection, storage and processing practices for PII and PHI, per regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Implementing HIPAA security measures can prevent the introduction of malware on the system.  
  • Use monitoring tools to observe whether IoT devices are behaving erratically due to a compromise.  
  • Create and regularly review internal policies that regulate the collection, storage, access, and monitoring of PII/PHI. 

Mackenna Moralez is the associate editor of the facilities market. 



October 25, 2022


Topic Area: Information Technology , Security


Recent Posts

Furniture Selection Can Help Create Community in Senior Care Facilities

While predicting future resident needs is impossible, prioritizing choices is possible.


Texas HHSC Breaks Ground on New Panhandle State Hospital in Amarillo

The 164,475-square-foot, 75-bed hospital is expected to be completed in 2027.


Weingart Towers in LA Sets Standard for Behavioral Health Projects

Strategic project management in the creation of behavioral health facilities can help transform well-meaning plans into tangible, lasting change.


Roper St. Francis Breaks Ground on New Hospital Campus

The project remains on track for a 2029 completion.


Griffin Health Improves Patient Safety and Prevents HAIs with Electronic Hand Hygiene System

Case study: The system is used in all patient units, including the emergency department and ambulatory services.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.