DOJ indicts 2 in cyberattack against MedStar Health, municipalities - Technical.ly Baltimore

Civic

Nov. 28, 2018 3:59 pm

DOJ indicts 2 in cyberattack against MedStar Health, municipalities

The Iranian citizens were behind the SamSam ransomware, the U.S. Department of Justice alleges.
Union Memorial Hospital.

Union Memorial Hospital.

(Courtesy photo)

The U.S. Department of Justice indicted two Iranian citizens Wednesday in connection with a 2016 cyberattack on Maryland’s MedStar Hospital, as well as municipalities.

The indictment alleges Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri worked from inside Iran to carry out ransomware attacks, in which they would shut down computer systems and demand Bitcoin payments in exchange. The two were not arrested, but are now wanted by the FBI.

The malware used was known as the SamSam ransomware. Attackers gained access to a system remotely, and installed it. The March 2016 attack against Columbia-based MedStar Health, which runs Baltimore’s Union Memorial Hospital and nine other hospitals in the region, encrypted data at the hospital, freezing up access to electronic health records. The health system continued to provide care, but were forced to use paper records in some cases.

“The defendants chose to focus their scheme on public entities, hospitals, and municipalities,” said U.S. Deputy Attorney General Rod Rosenstein, who previously served as U.S. Attorney of Maryland. “They knew that shutting down those computer systems could cause significant harm to innocent victims.”

In all, they attacked 200 victims, including the high-profile attack on the City of Atlanta, additional hospitals and the Port of San Diego. They collected a total of $6 million in extortion payments, and caused $30 million in losses, according to the DOJ. The U.S. Department of the Treasury also sanctioned people in Iran who exchanged Bitcoin payments for the alleged attackers.

Advertisement

The indictment marked the first in a ransomware case, according to the feds.

“The events described in this indictment highlight the need for businesses, healthcare institutions, universities, and other entities to emphasize cyber security, increase threat awareness, and harden their computer networks,” said Assistant Attorney General Brian A. Benczkowski.

-30-
CONTRIBUTE TO THE
JOURNALISM FUND

Already a contributor? Sign in here
Connect with companies from the Technical.ly community
New call-to-action

Advertisement

These Maryland cyber startups got $1M contracts at an Air Force pitch day

This Maryland cybersecurity association looks to promote prospects to professionals

Cybersecurity startup Code Dx wins $2M seed investment at DataTribe Challenge

SPONSORED

Baltimore

How this lawyer is helping entrepreneurs bark up the right tree

Philadelphia, PA

URBN

IT Recruiter

Apply Now

Philadelphia, PA

URBN

URBN Project Manager

Apply Now

Baltimore

14 West

F5 Engineer

Apply Now

Cybrary’s $15M Series B will be used to expand its cybersecurity training platform

Baltimore City Council cybersecurity committee to hold first hearing [Events Roundup]

Uber holds driver training on warning signs of human trafficking

SPONSORED

Baltimore

Get to know SmartLogic’s culture of plants, podcasts and productive client relationships

Hunt Valley, MD

LawIQ

SOFTWARE ENGINEER – FULL TIME OPPORTUNITY

Apply Now

Philadelphia, PA - Center City

Odessa

Sr. Project Manager – ERP Implementations

Apply Now

Annapolis Junction, MD

Asymmetrik

FULL-STACK DEVELOPER

Apply Now

Sign-up for daily news updates from Technical.ly Baltimore

Do NOT follow this link or you will be banned from the site!