Outsmarting Cybercriminals: A Tale of Healthcare, Cryptocurrency, and a Bold Legal Move

The widespread use and unidentified nature of cryptocurrencies are triggering financial, legal, and moral hurdles that make healthcare organizations prime targets for cyber thugs, according to David Hoffman, the chief legal officer of Claxton-Hepburn Medical Center. The center has recently launched a legal battle against the ransomware group LockBit.

Honestly, it infuriates me that we, as a worldwide community, have not only accepted but also advocated for the presence of anonymity in digital currency transactions,” he expressed during a discussion with Information Security Media Group.

“In the past, anonymous Swiss bank accounts identified by numbers were the traditional method to conduct monetary dealings while maintaining anonymity,” said Hoffman. However, in recent years, “Switzerland also realized that this was not a feasible business strategy for their banking sector, and they discontinued the use of anonymous numerical Swiss bank accounts.

“So what did we end up doing next? We amplified the same issue to a whole new level, essentially paving the way for these ransomware attacks and a myriad of other illegal actions,” stated Hoffman, who also holds a position as an assistant professor of bioethics at Columbia University.

The Claxton-Hepburn Medical Center, located in Ogdensburg, New York, hosts 115 beds. Along with its associated entities – Carthage Area Hospital and North Country Orthopaedic Group, it forms a part of the North Star Health Alliance in upstate New York. This alliance found itself under attack by LockBit, who inflicted a ransomware encryption and data theft attack on the group during the previous summer.

“We managed to have a complete backup of our data which allowed us to successfully recuperate from the backup,” stated Hoffman. However, North Star Health Alliance’s data was pilfered by LockBit. The FBI, later on, ascertained that the cyber felons had moved and lodged the data onto a server owned by a cloud services company in Boston, known as Wasabi Technologies.

In a distinctive legal maneuver in November, the North Star Health Alliance decided to pursue litigation against the unidentified male and female perpetrators of the LockBit ransomware attack. This was done despite their understanding that the cybercrime syndicate may never recognize or answer the charge (see: Hospitals Sue LockBit, Request Cloud Company to Recover Pilfered Data).

Despite everything, the lawsuit by North Star Health Alliance accomplished its primary goal: it acted as a legal strategy to compel Wasabi Technologies to return the pilfered hospital data (see: Special Report: Cloud Service Provider Reverses Hospital Data Theft).

At present, North Star Health Alliance is thoroughly examining the acquired data to ascertain the quantity of affected patients and the nature of compromised information due to the incident.

“Given the surge in assaults on various infrastructures, including ransomware and frankly malicious, harmful attacks, we must reconsider the utility of anonymous digital currency transactions,” he declared. “Cyber felons view hospitals as prime targets. Such behavior is unacceptable and should not be condoned.”

In his conversation with the team at Information Security Media Group, which you can listen to via the audio link beneath the picture, Hoffman also touched

Hoffman, who works as a medical attorney and clinical ethics specialist in New York, holds the position of chief legal officer and supervises adherence to regulations at Claxton-Hepburn. In addition to this, he holds teaching positions at Columbia University as an associate bioethics professor, and at the Albert Einstein College of Medicine as a clinical associate professor. His teaching subjects cover the intersection of law, medicine, and ethics.

Site Footer