Feds disrupt North Korean hackers that targeted hospitals, seize $500K in ransom

By Heather Landi -July 21, 2022

The U.S. government disrupted the activities of a ransomware group connected to the North Korean government that targeted hospitals, ultimately recovering half a million dollars in ransom paid by a Kansas hospital and other medical facilities.

Authorities plan to return the stolen funds to the ransomware victims, including a hospital in Kansas and a medical center in Colorado, said Deputy Attorney General Lisa Monaco Tuesday.

Speaking at the International Conference on Cyber Security at Fordham University this week, Monaco said last year a medical center in Kansas that was targeted by hackers “did the right thing” at a moment of crisis and called the FBI.

“What flowed from that virtuous decision was: the recovery of their ransom payment; the recovery of ransoms paid by previously unknown victims; the identification of a previously unidentified ransomware strain—all from an investigation that allowed the FBI and its partners to release a cybersecurity advisory to empower network defenders everywhere,” Monaco said.

In May 2021, North Korean state-sponsored hackers used a ransomware strain called Maui to encrypt the files and servers of a medical center in Kansas. 


Chris J. Stewart

Chris currently serves as President and CEO of Surgio Health. Chris has close to 20 years of healthcare management experience, with an infinity to improve healthcare delivery through the development and implementation of innovative solutions that result in improved efficiencies, reduction of unnecessary financial & clinical variation, and help achieve better patient outcomes. Previously, Chris was assistant vice president and business unit leader for HPG/HCA. He has presented at numerous healthcare forums on topics that include disruptive innovation, physician engagement, shifting reimbursement models, cost per clinical episode and the future of supply chain delivery.

Related Articles

Back to top button