Cyberattack on Change Healthcare causes nationwide pharmacy disruptions
Pharmacies across the United States are grappling with disruptions due to an ongoing cyberattack targeting Change Healthcare — a subsidiary of UnitedHealth Group and one of the nation’s largest commercial prescription processors. The attack has hindered pharmacies’ ability to process prescriptions for patients.
UnitedHealth has attributed the cyberattack to suspected government-backed hackers, although the company has not disclosed the suspected nation. In response to the attack, UnitedHealth took its online systems offline to safeguard patient information, and it claims to have contained the impact.
“The company is working diligently to restore those systems and resume normal operations as soon as possible, but cannot estimate the duration or extent of the disruption at this time,” UnitedHealth Group Inc. stated in a filing with the Securities and Exchange Commission.
In addition to some retail pharmacies such as CVS and Walgreens, the cyberattack is also affecting military clinics and hospitals worldwide.
Straight Arrow News confirmed that online prescription services at three major Veterans Affairs medical centers and the 55th Medical Group at Offutt Air Force Base in Nebraska remain disrupted.
To mitigate the impact, the Defense Health Agency (DHA) has indicated that affected clinics and hospitals will manually process outpatient prescriptions until the issue is resolved.
The American Hospital Association (AHA) is advising health care providers to disconnect from Change Healthcare and to examine their own systems for any signs of the attack. The AHA is coordinating with the FBI, the Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency in response to the situation.
The outages have led to prescription delays for patients at affected retail pharmacies. TRICARE, the health program for military personnel, is prioritizing urgent prescriptions at its pharmacies to address the issue.
Nebraska looks to bolster cybersecurity by hiring white-hat hacker
The United States faces a relentless wave of cyber attacks, with an incident occurring every 39 seconds. The Internet Crime Complaint Center reported that in 2022, these breaches inflicted a financial toll of $10 billion. Digital breaches not only risk the exposure of sensitive personal information of millions of Americans but also threaten to disrupt essential national services.
Addressing the cyber threat from China
Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), highlighted the evolving threat from China.
“We’ve long been focused on the cyber threat from China,” Easterly said on Jan. 31. “But as you’ve heard in recent years we have seen a deeply concerning evolution in Chinese targeting of U.S. critical infrastructure. In particular, we have seen the Chinese cyber actors including those known as Volt Typhoon burrowing deep into the critical infrastructure to enable destructive attacks in the event of a major crisis for conflict.”
In January, the FBI announced it shut down an attempt by the Chinese hacking group to infiltrate U.S. infrastructure through outdated internet routers. FBI Director Christopher Wray called Volt Typhoon “the defining threat of our generation.”
Nebraska’s legislative efforts in cybersecurity
Nebraska state Sen. Loren Lippincott, R, emphasized the need for proactive measures in cybersecurity.
“Cybersecurity is certainly an issue that we need to talk about,” Lippincott said. “And unfortunately, in politics, I have found that we tend to be reactive instead of proactive.”
He also said nearly 70% of all public sector entities faced ransomware attacks in 2023. Now, Lippincott is spearheading two critical legislative efforts aimed at strengthening Nebraska’s cybersecurity framework.
The first bill seeks to upgrade the state’s cyber defenses with the latest tools and software. The second bill proposes a bold move to recruit ethical, white-hat hackers.
“You want the hackers to try to break into our system and find out where the leaks, where the holes are in the dike,” Lippincott said. “We’re looking for vulnerabilities. And the only way we can know where our vulnerabilities are is if we are tested and it’s wise to test before we get attacked.”
Cybersecurity breaches have exposed the medical records of hundreds of thousands of Nebraskans, leading to multimillion-dollar settlements from some of the state’s leading health care providers. Lippincott emphasized that having security measures isn’t enough; consistent testing of cybersecurity systems is crucial.
He was inspired by his nephew, who worked in the private sector as an ethical hacker.
“If an organization is responsible for securing sensitive data of any kind, they must think like the enemy and be able to defend themselves from those enemies,” Lippincott said. “Of course, defensive security is definitely important, but organizations also need to have offensive security as well.”
Lippincott likened it to the military’s Red Team vs. Blue Team drills. The Red Team pretends to be the enemy, and in the cyber space, the Red Team wears white.
3 US soldiers killed in Jordan drone strike identified: The Morning Rundown, Jan. 30, 2024
The Defense Department identifies the three U.S. soldiers killed in a drone strike at a base in Jordan as officials investigate how the attack happened. And Elon Musk says his Neuralink startup has successfully implanted a computer chip into a human’s brain for the first time. These stories and more highlight The Morning Rundown for Tuesday, Jan. 30, 2024.
Get up to speed on the stories leading the day every weekday morning. Get The Morning RundownTM newsletter straight to your inbox!
3 U.S. soldiers killed in Jordan drone strike identified
The identities of the three U.S. soldiers who were killed in an attack on a military base in Jordan on Sunday, Jan. 28, have been released as the investigation is revealing new details. The Defense Department said 46-year-old Sgt. William Jerome Rivers, 23-year-old Spc. Breonna Moffett and 24-year-old Spc. Kennedy Sanders, all from Georgia, were killed by an unmanned aerial drone attack on the troops’ sleeping quarters in the early morning hours.
"We are deeply saddened by the loss of our three Army Soldiers who made the ultimate sacrifice while serving their country in Jordan. Our prayers are with these loyal and courageous Soldiers’ families, friends, and the entire 718th Engineer Company – we honor their selfless…
The Biden administration blamed an Iranian-backed militia group for the attack, the first in which American soldiers have been killed since the start of the Israel-Hamas war. Iran has denied it was behind the strike. White House National Security spokesperson John Kirby echoed President Joe Biden’s comments a day earlier. Kriby said the U.S. would respond.
“We do not seek another war. We do not seek to escalate,” Kirby said. “But we will absolutely do what is required to protect ourselves, to continue that mission, and to respond appropriately to these attacks.”
All three soldiers who died were part of Operation Inherent Resolve, tasked with defeating ISIS in the region. The strike is believed to be the deadliest attack on U.S. service members since 13 Americans were killed in Afghanistan in 2021.
Six-week pause in war proposed for release of more hostages
Talks of another pause in the war between Israel and Hamas are in the early stages. Still, officials said the framework to deal is expected to be presented to Hamas that would see a six-week stoppage in fighting and the release of more hostages in exchange for Palestinian prisoners.
I met with @MBA_AlThani_ in Washington, DC, to discuss efforts to secure the release of all the remaining hostages held by Hamas. We are thankful for Qatar’s partnership and indispensable role in mediating. pic.twitter.com/ngdqwM5miY
The terms were drafted by representatives of the United States, Israel, Qatar, and Egypt on Sunday, Jan. 28, in Paris. CIA Director William Burns was among those working on the plan that Qatar would present to Hamas officials, and they would then send back a response.
“We are hoping actually, to relay this proposal to Hamas and to get them to a place where they engage positively and constructively in the process.” Qatari Prime Minister Mohammed bin Abdulrahman bin Jassim al Thani said during an Atlantic Council webinar.
Officials told the New York Times the early framework called for Hamas to release elderly hostages as well as any remaining women and children during the pause in fighting. When asked on Monday, Jan. 29, about the plan, Secretary of State Antony Blinken replied, “The less said, the better.” He added the proposal on the table is a “compelling one” and “there is some real hope going forward.”
IRS contractor sentenced to 5 years for leaking Trump’s tax records
I acted out of a sincere, if misguided, belief I was serving the public interest.
Charles Edward Littlejohn
Prosecutors said Littlejohn leaked tax data to the New York Times and ProPublica between 2018 and 2020; prosecutors called the leaks “unparalleled in the IRS’s history” and argued that Littlejohn applied to be an IRS contractor to get Trump’s tax returns and figured out how to search for records without sounding alarms.
“I acted out of a sincere, if misguided, belief I was serving the public interest,” Littlejohn said.
Littlejohn was also fined $5,000 and will be under three years of supervised release following his prison sentence. Judge Reyes said the crime was so extraordinary that the punishment must “deter others who might feel an obligation to break the law.”
Cyberattack targets government systems where Trump faces election interference charges
A cyberattack targeted Fulton County, Georgia, government systems, where former President Donald Trump faces election interference charges. According to a Fulton County official, the attack, which is being investigated by law enforcement, targeted devices that use county servers, including those used by District Attorney Fani Willis’ Office.
A county commissioner said there is no indication that any sensitive information about employees or citizens has been leaked, and there is no timeline for when the threat will end and when systems will be restored.
The attack comes as Willis faces filing deadlines in the election interference case against Trump. This week, Willis will be heard in front of a judge as to why she should not be disqualified from prosecuting the case following allegations that she had a relationship with the special prosecutor she hired to work on the Trump case.
Elon Musk says Neuralink has implanted computer chip in first human
Musk said initial results showed “promising neuron spike detection” but gave no further details on the procedure or the patient. In May of 2023, Neuralink announced it received approval from the FDA to conduct its first-in-human clinical study.
🧠 Elon Musk announced the first successful Neuralink brain chip implant in a human. Think about telling someone 10 years ago that by 2024, we'd be on the brink of unlocking telepathy…
In a follow-up post, Musk said the first Neuralink product called “telepathy” will enable the patient to use a phone or computer to control any device just by thinking. Musk said initial users will be those who have lost the use of their limbs.
Pilot believes he may have found Amelia Earhart’s long-lost plane
Tony Romeo, a former Air Force intelligence officer, said he and his crew at Deep Sea Vision may have discovered the long-lost wreckage of Earhart’s twin-engine aircraft after scanning more than 5,200 square miles of ocean floor.
The $11 million expedition used an underwater drone to capture a sonar image resembling the shape of an airplane near Howland Island, halfway between Australia and Hawaii. Earhart was set to land on the island for refueling during her 1937 flight, in which she had hoped to be the first pilot to circumnavigate the globe.
Because the images are blurry, Romeo said his team will return to the site later this year to take clearer photos to confirm if it is indeed the long-lost plane.
FBI warns of cyber kidnappings in US after Utah student becomes a target
Technology has changed lives, giving users more opportunities to connect with one another and providing innovative approaches to everyday tasks. But while law-abiding citizens are using technology to make their lives easier, others are using it to commit crimes in ways once thought impossible.
That even goes for kidnapping.
Reuters reported in 2019 that there are, on average, fewer than 350 people under the age of 21 abducted by strangers in the country per year.
All of these reported cases of kidnappings happened in the real world, which years ago might have been an odd thing to note. These days it’s a necessary differentiator, especially with the recent headlines coming out of Riverdale, Utah, of a 17-year-old foreign exchange student being a victim of cyber kidnapping.
In a statement on Thursday, Jan. 4, the FBI told Straight Arrow News that cyber kidnapping or virtual kidnapping “refers to a range of coercion schemes aimed at extorting quick ransom payments from victims who are manipulated to believe that their loved ones have been kidnapped or are at risk of being kidnapped.”
The FBI said, unlike traditional abductions, virtual kidnappers do not physically kidnap anyone.
“In a virtual kidnapping for ransom, there are multiple victims: The person or people who are being coerced over the phone to pay a ransom, as well as the alleged kidnapped victim who is separately coerced and unwittingly facilitates the perpetrator’s scheme by turning off their phones, refusing to contact family or law enforcement, agreeing to take photos of themselves or other victims or not leaving their location,” the FBI said.
In the case in Utah, police said the suspected cyber kidnappers contacted the parents of the 17-year-old foreign exchange student in China and sent them a photograph that appeared to show that their son had been abducted.
The parents sent the suspects approximately $80,000 to bank accounts in China after receiving continued threats.
The parents then contacted the student’s high school in Utah, which called the police.
As officers began their investigation, the FBI notified the police department of the criminal trend of cyber kidnapping.
The FBI told the Riverdale Police Department there have been several other similar cyber kidnapping cases recently in the United States, with foreign exchange students often targeted.
Authorities said the cyber kidnappers convince their victims under duress to take photos of themselves looking as if they are being held captive and then the images are sent to their families.
Riverdale police explained the victims comply with the kidnappers’ demands out of fear that their families will be harmed otherwise.
According to the FBI, in fiscal year 2022, the average ransom payment for virtual kidnapping cases was $11,140.
Days before Riverdale police received word of the alleged kidnapping, law enforcement in Provo, Utah, observed the victim carrying camping gear. They were concerned for his safety and brought him back to his host parents.
Riverdale police said, at that time, the victim was already being “manipulated and controlled” by the cyber kidnappers.
After the victim was reported kidnapped, police contacted the host family who was not aware he was missing; they said he had been heard in the home in the early hours of Dec. 28. Police searching the host family’s home found the camping equipment was gone.
Riverdale police and neighboring departments sent out search and rescue teams aided by drones to look for the student. They believed he was isolating himself at the direction of the cyber kidnappers.
“Why would he isolate himself? That’s exactly the reason,” Riverdale Police Chief Casey Warren said. “The captors want him to isolate himself from all society because they know there’s a high probability that law enforcement or police will be contacted, and once we contact Kai and know he’s safe, the game is up and the parents will know he’s safe so they won’t send more money.”
A Riverdale police detective sergeant searching on foot came across the victim inside a tent in a wooded area up the mountainside. Investigators said the victim was alive, very cold and scared, but relieved to see police. He was checked out and cleared of any major medical concerns.
The student wanted to speak to his family to let them know he was safe. He also asked for a warm cheeseburger. Riverdale police officers were happy to oblige with both requests.
In its statement on cyber kidnapping, the FBI said, “The FBI and our partners continue to see this threat affect American citizens. If you or someone you know has been victimized by this crime, please contact law enforcement immediately. You can report the crime through the Internet Crime Complaint Center at https://www.ic3.gov/.”
Authorities said those who believe they are becoming a target of cyber kidnapping should not send any money and should discontinue contact with the suspects.
The FBI said many victims of virtual kidnapping cases do not report the crime, either because they are embarrassed or they don’t consider the ransom they paid to be a significant amount.
The agency said even with the crime occurring in the virtual world, victims are traumatized by these events.
FBI investigating criminals posing as Chinese police officers
The FBI is also investigating criminals impersonating police officers from China to defraud Chinese students attending U.S. universities.
In a public service announcement, the FBI said the imposters use technology to “mask” their true telephone numbers and make it appear the call to the student is coming from a mobile telephone service provider, a large retailer, a delivery service, the Chinese Embassy or a consulate.
The criminals call the victims and alert them they are connected to a fraud investigation. They then transfer the call to someone impersonating a Chinese police officer. The suspects then direct the victim to consent to 24/7 surveillance due to the sensitivity of the case and to prove their innocence.
The victim is then directed to wire a large sum of money to a Chinese bank account to prove their innocence or to post bail to avoid having to return to China. In some cases, the suspects instruct the victim to lie to their friends and families to obtain more money.
Those who believe they have been contacted by someone claiming to be a Chinese authority should contact their local FBI field office.
