January 30, 2023

FBI says Iran behind Boston Children’s Hospital cyberattack

A member of the Red Hacker Alliance in Dongguan, China in August 2020 monitors cyberattacks around the world. Hacks have increased through the pandemic and the war in Ukraine – © AFP/File Noel Celis

The U.S. FBI has named Iran as the suspect behind the Boston Children’s Hospital cyberattack. Had the attack succeeded, there would have been an array of threats including a system-wide shutdown, affecting the care of children who were patients at the hospital, as well as ransom demands.

According to FBI Director Christopher Wray: “We got a report from one of our intelligence partners indicating Boston Children’s was about to be targeted, and understanding the urgency of the situation, the cyber squad in our Boston field office raced out to notify the hospital.”

Looking into this incident for Digital Journal is cybersecurity evangelist Alon Nachmany, Field CISO of AppViewX. Nachmany expands on some of the motives behind these types of despicable cyberattacks and what hospitals/the healthcare industry must prioritize looking ahead.

According to Nachmany, this particular incident suggests a major player, and one determined to inflict damage: “The terrifying reality of the Boston Children’s Hospital cyberattack is that there are motives behind these types of despicable cyberattacks.”

He adds that these types of activities are proving lucrative for so-termed ‘rogue states’: “While some countries rely on cyber warfare for political gain, other countries including North Korea, Iran and now Russia, rely on hacking for income. In fact, an estimated 8 percent of North Korea’s 2020 GDP was from cybercrime.”

Nachmany also charts the increase in activity, noting: “This is a growing trend, and affects mostly healthcare, as health services are a critical factor when human life is at stake. While thankfully the Boston Children’s Hospital cyberattack did not turn into ransomware, the entire situation reveals that today’s cybercriminals will go to great lengths to get what they want — no matter how horrifying.”

Returning to health, Nachmany cautions: “The healthcare sector must prioritize Operational Technology (OT) security and implement zero trust strategies throughout networks and systems, especially those critical to life.”

OT refers to hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise. OT is common in Industrial Control Systems (ICS), such as SCADA systems.

Zero Trust is a security framework that requires all users, whether inside or outside the organization’s network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.