BlackCat, LockBit 3.0 ransomware target healthcare with customizable tactics, triple extortion
SC Media, December 13, 2022
Healthcare cybersecurity leaders are being urged to review the IOCs and the recommended proactive measures for defending against BlackCat and LockBit 3.0 ransomware variants given the continued targeting of healthcare environments.
Most of the 10 largest healthcare data breaches in 2022 are tied to vendors
SC Media, December 12, 2022
Ninety percent of 10 largest healthcare data breaches reported this year were caused by third-party vendors, much like in 2021. The fallout for many of these cyberattacks resulted in impacts for multiple connected providers, with two of these vendor incidents affecting hundreds of providers.
LockBit 3.0 Ransomware
HHS, December 12, 2022
HC3: Analyst Note. Report: 202212121700
LockBit 3.0 Ransomware
LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion technique where sensitive data is encrypted and exfiltrated. The actor requests payment to decrypt data and threatens to leak the sensitive data if the payment is not made.
HHS warns Royal ransomware threat targeting healthcare providers
SC Media, December 8, 2022
Since the emergence of the human-operated ransomware threat group known as Royal in September, the Department of Health and Human Services Cybersecurity Coordination Center has been made aware of targeted cyberattacks against the healthcare sector.
Royal-based attacks have steadily increased in appearance over the last three months with ransom demands ranging from $250,000 to more than $2 million.
Post-mortem of New Zealand health board cyberattack: Practice incident response plans
SC Media, December 7, 2022
An assessment of the monthslong outage at New Zealand Waikato District Health Board last year revealed that despite being prepared and clear awareness of cybersecurity priorities, the response was dogged by a lack of practiced preparedness and a number of other missteps.
CommonSpirit says ransomware attack exposed patient information
Healthcare Dive, December 5, 2022
- Personal information of patients and their family and caregivers may have been accessed.
- System said it discovered that cyberattackers gained access to portions of its network.
- Impacted people may have received services from certain facilities of Virginia Mason Franciscan Health.
How a ransomware attack exacerbated St. Michael’s workforce shortage
Becker’s Health IT, December 5, 2022
Silverdale, Wash.-based St. Michael Medical Center experienced an October ransomware attack that exacerbated the hospital’s short staffing issues that have been persisting for months, Kitsap Sun reported Dec. 2.
The hospital was a part of the ransomware attack that plagued Chicago-based CommonSpirit facilities, and due to the attack, St. Michael’s had to shut down its Epic EHR system.
CISA, FBI Alert Healthcare Sector of Cuba Ransomware Tactics
Health IT Security, December 5, 2022
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory to warn critical infrastructure organizations of tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware.
November was the second busiest month for ransomware attacks this year
SC Media, December 5, 2022
With LockBit malware claiming attacks on defense giant Thales and German firm Continental, November closed with the distinction of having the second most reported ransomware attacks this year, according to a new report.
CommonSpirit confirms network accessed a week before ransomware attack
SC Media, December 5, 2022
CommonSpirit Health issued an update on the ransomware attack that brought down multiple hospitals across the country for more than a month, confirming the threat actors first gained network access weeks before the attack and patient data was, indeed, accessed.
Top Cybersecurity Challenges Facing Healthcare Providers
Gov Info Security, December 3, 2022
With the surge in ransomware and other major hacking incidents affecting third-party suppliers, it is more critical than ever for healthcare sector entities to diligently scrutinize threats and risks involving their vendors, says Denise Anderson, president and CEO of the Health Information Sharing and Analysis Center.
The Week in Ransomware – December 2nd 2022 – Disrupting Health Care
Bleeping Computer, December 2, 2022
This week’s big news was the Colombia health system being severely disrupted by a ransomware attack on Keralty, one of the country’s largest healthcare providers. Patients have had to wait upwards of twelve hours to receive care, with reports of people fainting due to the lack of medical attention.
Approved for Public Release; Distribution Unlimited. Public Release Case Number 21-xxxx.