Russia Called Upon to Act On Healthcare Ransomware Attacks Originating from Russia

The Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology on the National Security Council, Anne Neuberger, criticized Russia for letting cybercriminal groups execute ransomware attacks on U.S. healthcare companies and for not doing anything to hold those organizations accountable for the criminal offenses.

Ransomware groups are conducting more attacks on healthcare companies for profit. They steal patient information, encrypt files, and threaten to leak the stolen information unless the victims pay the ransom. Because of the attacks, ambulances are frequently diverted, consultations and surgical procedures are postponed, and patient services at the attacked entity and nearby hospitals are disrupted for weeks. Research shows that ransomware attacks lead to a rise in medical complications and fatality rates, longer patient stays, and poorer patient outcomes. According to the HHS’ Office for Civil Rights, large data breaches associated with healthcare ransomware attacks have increased by 264% since 2018, which can potentially lead to more HIPAA violation cases.

Numerous ransomware groups are believed to operate out of Russia and follow a policy of not executing attacks within Russia or any member of the Commonwealth of Independent States (CIS). These groups are financially driven cybercriminal organizations rather than state-sponsored actors, and Russia overlooks the attacks as long as the groups don’t perform attacks within Russia or the CIS.

Russian President Vladimir Putin met with President Biden in 2021. At that meeting, the U.S. President asked Putin to act against the cybercriminal groups that execute ransomware attacks on America from within Russia. Later that year, Biden expressed impatience during a phone call because of the continuing attacks. He said the United States expects action when a ransomware attack comes from Russia, whether it is state-sponsored or not.

In a UN Security Council meeting, Neuberger said that ransomware attacks on US healthcare companies and several new variants of ransomware, including LockBit and Blackcat, are connected with Russia. The two ransomware groups were very active in 2023 and were responsible for 30% of all ransomware attacks on healthcare providers around the world. Neuberger issued a call to action and encouraged all countries that discover a ransomware attack on a medical center to inform the country where the attack originated. Such requests for action should be made consistently with UN obligations concerning responsible state conduct in cyberspace.

All Member States should work together to improve the cybersecurity and resilience of their critical infrastructure and to confront and disrupt ransomware attacks. Whenever States act inconsistently with the framework and knowingly enable ransomware actors to work with impunity from their territories, responsible States ought to call out irresponsible and destabilizing conduct and hold irresponsible actors accountable. The growing threat of ransomware is harmful to everyone. On November 8, 2024, 54 countries, including the United States, United Kingdom, and France but not Russia or China, signed a joint statement.

Daniel Lopez

Daniel Lopez stands out as an exceptional HIPAA trainer, dedicated to elevating standards in healthcare data protection and privacy. Daniel, recognized as a leading authority on HIPAA compliance, serves as the HIPAA specialist for Healthcare IT Journal. He consistently offers insightful and in-depth perspectives on a wide range of HIPAA-related topics, addressing both typical and complex compliance issues. With his extensive experience, Daniel has made significant contributions to multiple publications such as hipaacoach.com, ComplianceJunction, and The HIPAA Guide, enriching the field with his deep knowledge and practical advice in HIPAA regulations. Daniel offers a comprehensive training program that covers all facets of HIPAA compliance, including privacy, security, and breach notification rules. Daniel's educational background includes a degree in Health Information Management and certifications in data privacy and security. You can contact Daniel via HIPAAcoach.com.
