The Federal Bureau of Investigation said that the same group of online extortionists blamed for striking the Irish health system last week have also hit at least 16 US medical and first response networks in the past year.
In an alert made public by the American Hospital Association, the FBI said [pdf] the cybercriminals using the malicious software dubbed ‘Conti’ have targeted law enforcement, emergency medical services, dispatch centres, and municipalities.
The alert did not name the victims or go into detail about the nature or severity of the breaches, saying only that they were among more than 400 organisations worldwide targeted by “Conti actors.”
The FBI did not immediately return a message seeking further detail on the notice, which was first reported by IT security news site Bleeping Computer.
Ireland’s Health Service Executive shut down its networks last Friday following a Conti-linked attack.
The ransom attack has crippled diagnostic services, disrupted Covid-19 testing, and forced hospitals to cancel appointments. Ireland’s minister responsible for e-government, Ossian Smyth, described it as possibly the most significant cybercrime to hit the Irish state.
The Irish government said it had not paid and would not pay any ransom in exchange for the purported key.
The Conti hackers have not returned messages from Reuters seeking comment.