The FBI has issued a warning about cyber-criminal organisation Conti targeting networks belonging to authorities.
The FBI said it had identified at least 16 Conti ransomware attacks targeting “US healthcare and first responder networks”.
More than 400 organisations have been targeted by Conti worldwide, of which more than 290 are based in the US, according to the FBI.
“Conti typically steals victims’ files and encrypts the servers and workstations in an effort to force a ransom payment from the victim.
“If the ransom is not paid, the stolen data is sold or published to a public site controlled by the Conti actors,” it added.
The FBI said that recent ransom demands have been as high as $25m (£21m).
Ransomware groups usually encrypt data on victims networks scrambling files to make them unusable without the decryption key.
In a surprise move the Conti ransomware group recently provided this key for free to the Irish government, whose health service had been the victim of a ransomware attack.
It is hoped that the tool could ensure that hospitals and the health care system return back to normal sooner than the process of rebuilding their IT from scratch.
The head of the HSE, the agency that runs the Irish health service has described the impact of the cyber-attack as “catastrophic” and “stomach-churning”.
The HSE has secured a High Court order preventing the Russia-based hackers – or any individual or business – from sharing, processing, or selling the information.
The court injunction also applies to social media platforms such as Twitter, Google, and Facebook and therefore limits the gang’s scope for disseminating the information.
The HSE said all elements of health services were affected, including major disruption to radiotherapy services.
It said it was working to treat all urgent radiation patients in private hospitals.
There have been cancellations across all outpatient services, with colonoscopies down by as much as 80% and chemotherapy and daily elective procedures down by 50%.