'Swatting' Becomes Latest Extortion Tactic in Ransomware Attacks

Threat actors leave medical centers with the difficult choice of paying the ransom or witnessing patients suffer the consequences.

A stethoscope on a keyboard with health symbols above it
Source: Nipiphon Na Chiangmai via Alamy Stock Photo

Using a tactic known as "swatting," threat actors are targeting medical institutions via their patients, in order to convince hospitals to pay ransom demands.

Swatting is an extreme form of prank-calling in which calls are repeatedly made to the police about a certain individual — in this case patients — regarding bomb threats or other highly concerning allegations, leaving authorities no choice but to show up at these unknowing victims' homes heavily armed.

These threat actors seem to think that putting this kind of pressure on US hospitals will force a ransom payment if it means patients will stop being targeted, such as when medical records were stolen from Fred Hutchinson Cancer Center in Seattle last November. The threat actors in that case threatened to heighten the stakes by targeting the center's patients with the swatting technique.

"Fred Hutchinson Cancer Center was aware of cybercriminals issuing swatting threats and immediately notified the FBI and Seattle police, who notified the local police," a spokesperson stated. "The FBI, as part of its investigation into the cybersecurity incident, also investigated these threats."

Similarly, Integris Health in Oklahoma experienced its own cyber-incident where threat actors potentially accessed personal data of patients. Some of them ultimately began to receive emails from threat actors preparing to sell their personal information if demands were not met.

These extreme measures of extortion are only part of an escalation of tactics that cyber professionals have tracked over the years, though it's dependent on each institution whether these tactics actually result in a ransom payment.

About the Author

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights