Ransomware Impacts

Bleeping Computer, April 26, 2022

The American Dental Association (ADA) was hit by a weekend cyberattack, causing them to shut down portions of their network while investigating the attack.

Read full Bleeping Computer articles.

SC Media, April 26, 2022

In an update to its initial September 2021 breach notice, Smile Brands has assessed that the ransomware attack and subsequent data theft impacted approximately 2.6 million individuals. Smile Brands is a dental support services vendor.

Read full SC Media article.

Venture Beat, April 25, 2022

The Hive threat group has been targeting organizations across the finance, energy and healthcare sectors as part of coordinated ransomware attacks since June 2021.

During the attacks, the group exploits ProxyShell vulnerabilities in MSFT Exchange servers to remotely execute arbitrary commands and encrypt the data of companies with this unique ransomware strain.

Read full Venture Beat article.

Health IT Security, April 20, 2022

HHS’s Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note regarding Hive ransomware group, the notorious cybercrime group responsible for multiple attacks against the healthcare sector.

Read full Health IT Security article.

CSO, April 19, 2022

M-Trends 2022 report delivers detailed assessment of the evolving global cyber threat landscape highlighting prevalent attack vectors and most targeted industries.

Read full CSO article.

Hacker News, April 18, 2022

An 18-month-long analysis of the PYSA ransomware operation has revealed that the cybercrime cartel followed a five-stage software development cycle from August 2020, with the malware authors prioritizing features to improve the efficiency of its workflows.

Read full Hacker News article.

State Tech, April 18, 2022

A recently released report, “The State of Ransomware in Government 2021,” underwritten by security firm Sophos, labeled the scourge of ransomware a “national emergency.”

Read full State Tech article.

Krebson Security, April 18, 2022

One of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “Ryuk.”

Read full Krebson Security article.

Security Brief, April 13, 2022

Ransomware payments hit new records in 2021 as cybercriminals increasingly turned to Dark Web leak sites where they pressured victims to pay up by threatening to release sensitive data, according to research from Unit 42 by Palo Alto Networks.

The average ransom demand in cases worked by the Palo Alto Networks Unit 42 security consultants rose 144% in 2021 to $2.2 million, while the average payment climbed 78% to $541,010, the report found.

Read full Security Brief article.

Health IT Security, April 11, 2022

BakerHostetler saw an uptick in data breach lawsuits in the weeks following incident notification, especially against healthcare organizations.

Read full Health IT Security article.

Health IT Security, April 11, 2022

As healthcare data breaches continue to impact small and large organizations across the country, accompanying data breach lawsuits are becoming increasingly common. Law firm BakerHostetler’s latest data security incident report showed an increase in duplicative lawsuits, often resulting in steep defense and settlement costs.

Read full Health IT Security article.

The Register, April 7, 2022

An increased willingness on the part of enterprises to invest in cybersecurity may finally be starting to make a difference, according to US law giant BakerHostetler.

Read full The Register article.