Hospital emergency rooms are our first line of defense for actual attacks and emergencies, but in some cases ERs are finding themselves literally under cyber-attack.
Recent law enforcement notices warn that telephone access to ER’s has been disrupted in some instances by extortionists attempting to obtain personal information from hospital employees. Generally, a cyber-criminal will place a call to an ER, demanding that an employee provide personal information such as credit card numbers to satisfy a fictitious debt. When the employee (or a colleague) refuses, the criminal initiates a “Telephony Denial of Service” (TDoS) attack. These attacks can shut down telephone access to the hospital or ER for several hours.
These attacks are not necessarily directed against hospital ER’s, but the impact is immediate and can be life-threatening. Approximately one thousand such attacks have been reported since 2013 to the FBI’s Internet Complaint Center. Any system experiencing such an attack should save voice recordings of suspects, record telephone numbers and account information if the caller is demanding payment, retain call logs and IP logs (if applicable), and remove the affected telephone number from 9-1-1 and other critical trunks. In advance of such an attack, hospital systems should determine how they may isolate critical telephone lines so that they will remain operable when other telephone lines are overloaded.
Complaints may be made to the FBI’s Internet Crime Complaint Center (www.ic3.gov), the National White Collar Crime Center (NWC3), the FBI’s 24/7 Cyber Watch (CyWatch) by calling 855/292-3937 or emailing firstname.lastname@example.org, or contacting local law enforcement.