FL Senator Urges FBI to Prioritize Tampa General Cyberattack Investigation

July 27, 2023 - Following a cyberattack on Tampa General Hospital (TGH) that impacted 1.2 million people, Florida Senator Rick Scott (R-FL) penned a letter to FBI Director Christopher Wray asking the bureau to prioritize investigating the attack.

As previously reported, TGH detected unusual activity on its systems on May 31, 2023. The hospital later discovered that an unauthorized party had maintained access to its systems for 18 days beginning on May 12.

The impacted data included patient names, addresses, phone numbers, birth dates, Social Security numbers, health insurance details, medical record numbers, patient account numbers, and dates of service. TGH said that its monitoring systems and experienced team prevented encryption, which would have had significant negative impacts on hospital operations if the threat actors succeeded.

The FBI is frequently involved in healthcare cyberattack investigations. However, Senator Scott urged the bureau to “assign all necessary resources at your disposal to prioritize the investigation of this incident” in particular.

“Unfortunately, this was not the first cyberattack to target our health care institutions, nor is it likely to be the last unless we prioritize the investigation, arrest, and prosecution of these hackers,” the letter continued.

Scott cited the 2021 cyberattack against Scripps Health, which resulted in significant EHR downtime and a $3.5 million settlement. In addition, Scott noted the prevalence of cyberattacks in other countries, including a massive ransomware attack in 2017 against the United Kingdom’s National Health System.

The Senator also pointed out the Cybersecurity and Infrastructure Security Agency’s (CISA) repeated warnings about state-sponsored threat groups originating in other countries that frequently target United States critical infrastructure.  

With these factors in mind, Scott urged the FBI to answer a list of questions regarding what the bureau is doing to coordinate with health systems to prevent attacks and how the FBI works with healthcare organizations to investigate cyberattacks.

Additionally, Scott asked whether the FBI believes that the majority of these attacks are originating outside the US, and whether the agency has enough resources to respond to these incidents effectively.

“I urge you to prioritize the investigation of this recent cyberattack against Tampa General Hospital, and hope you will assign all resources necessary to identify, apprehend and hold accountable the hackers responsible,” Scott concluded.

The FBI has taken significant actions in the past to identify and arrest ransomware threat actors. For example, in June 2023, the US Department of Justice (DOJ) charged Russian national Ruslan Magomedovich Astamirov for his involvement in LockBit ransomware attacks.

“The FBI is committed to pursuing ransomware actors like Astamirov, who have exploited vulnerable cyber ecosystems and harmed victims,” said FBI Deputy Director Paul Abbate at the time.

“We, in collaboration with our federal and international partners, are fully committed to the permanent dismantlement of these types of ransomware campaigns that intentionally target people and our private sector partners. We will continue to leverage every resource to prevent this type of malicious, criminal activity.”

However, ransomware threat groups are often run by a network of perpetrators and have been known to resurface under a different name following increased attention from law enforcement. Holding individual threat actors accountable for their actions is a crucial step, but prevention and early detection are paramount to maintaining healthcare cybersecurity in the long-run.