FBI's Omaha division tips off hospital to compromised server, thwarts cyberattack

by John R. Fischer, Senior Reporter | August 17, 2022
Cyber Security Health IT
The FBI Omaha field office helped protect Butler County Health Care Center from a malware attack. (Photo courtesy of Butler County Health Care Center)
With help from European partners, the FBI’s Omaha field office stopped a cyberattack before it could cause any damage to a Nebraska healthcare provider.

The bad actors behind the attack were targeting Butler County Health Care Center in David City and planted malware in one of its servers just before the fourth of July. They also were planning attacks on six different agriculture co-ops within the Omaha FBI jurisdiction, which includes Iowa, and had been targeting them at different times throughout the past year.

Had they been successful, the attackers could have disrupted healthcare operations and the food supply process in Nebraska, reported NBC-affiliate WOWT/Channel 6.

But Irish investigators tipped off the agency in July about the attack, and it phoned the hospital. Cynthia Neesen, information systems director for Butler County Health Care Center, took the call and, working with the Omaha FBI, identified the compromised server and took it offline. No patient information was stolen or compromised.

“It’s real, and it’s out there. I hoped I’d never have to deal with it. It does happen, and I think it’s going to be more and more prevalent,” Neesen told NBC 6 News/WOWT.

Agents are still trying to determine the identity of the attackers. Omaha FBI cyber task force supervisor agent Ken Schmutz says it is unknown when the bad actors were going to initiate the ransomware and when they were going to spread it. “It could have been in minutes, hours or weeks.”

The FBI says that both big and small businesses should take adequate measures to protect themselves as these attacks become more prevalent.

A breach back in March 2022 compromised information belonging to more than two million patients of Shields Health Care Group in Massachusetts. The provider, which offers MR, PET/CT and ambulatory surgical services at 30 locations, found that full names, social security numbers, dates of birth, home addresses, provider information, diagnoses, insurance information, and more were stolen.

Additionally, the attack may have affected its facility partners, including Tufts Medical Center, UMass Memorial, and other New England healthcare facilities.

Security firm Medigate and cloud-based protection provider CrowdStrike reported in November 2021 that 82% of healthcare providers had experienced some form of an IoT cyberattack in the last 18 months, and of these, 34% were hit with ransomware.

Among those attacked, 33% paid the ransom, but only 69% reported that doing so led to the full restoration of their data.

You Must Be Logged In To Post A Comment