Ransomware Impacts

Infosecurity, December 1, 2022

Colombian healthcare provider Keralty reported a ransomware attack on Sunday, which affected its systems as well as two of its subsidiaries: EPS Sanitas and Colsanitas.

Read full Infosecurity article.

Des Moines Register, December 1, 2022

Personal information for patients of St. Michael Medical Center and other Virginia Mason Franciscan Health facilities may have been accessed in a cyberattack this fall, CommonSpirit Health acknowledged Thursday.

Read full Des Moines Register article.

CISA, December 1, 2022

The Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware.

Read full CISA article.

Bleeping Computer, November 30, 2022

The Keralty multinational healthcare organization suffered a RansomHouse ransomware attack on Sunday, disrupting the websites and operations of the company and its subsidiaries.

Read full Bleeping Computer article.

Health IT Security, November 29, 2022

Ransomware attacks continue to be the most prolific threat that organizations face across all infrastructure verticals, with the healthcare sector as a top target, according to the GuidePoint Security Q3 GRIT Ransomware report.

Read full Health IT Security article.

Healthcare IT News, November 28, 2022

On 23 November, the All India Institute of Medical Sciences in New Delhi, India reported an IT outage due to a suspected ransomware attack.

Read full Healthcare IT News article.

Healthcare Info Security, November 24, 2022

India’s premier healthcare institute reported a massive cyberattack on its servers on Wednesday. All patient care services were affected and were still operating manually on Thursday.

Read full Healthcare Info Security article.

CPO Magazine, November 22, 2022

Hive ransomware, one of the biggest ransomware-as-a-service (RaaS) strains circulating since 2021, has at this point brought in $100 million in ransom payments according to a new alert released by the Cybersecurity and Infrastructure Security Agency (CISA). The total victim count is at least 1,300 organizations, and the group is notorious for spitefully dumping other types of ransomware on target systems when they refuse to make payment.

Read full CPO Magazine article.

HHS, November 21, 2022

HC3: Analyst Note. Report: 202211211700
Lorenz Ransomware

Lorenz is human-operated ransomware that has been in operation for approximately two years. In that time, HC3 is aware of the compromise of healthcare and public sector targets. It is used to target larger organizations in what is called “big-game hunting”, and publishes data publicly as part of pressuring victims in the extortion process. Lorenz is known to target organizations globally using customized code, and can demand hundreds of thousands of dollars in ransoms.

Download HC3 Report as PDF.

SC Media, November 21, 2022

The Department of Health and Human Services Cybersecurity Coordination Center is warning larger, enterprise healthcare organizations of the potential threat posed by the Lorenz ransomware threat group.

The human-operated campaign is well-known for its big-game hunting of larger organizations and has claimed victims in both the healthcare and public health sectors.

Read full SC Media article.

Becker’s Health IT, November 21, 2022

From a third-party data breach to phishing schemes that compromised employee email accounts, seven health systems have been affected by a cybersecurity incident since Oct. 27.

Read full Becker’s Health IT article.

SC Media, November 21, 2022

The Department of Health and Human Services Cybersecurity Coordination Center is warning larger, enterprise healthcare organizations of the potential threat posed by the Lorenz ransomware threat group.

Read full SC Media article.