Ransomware Impacts
Thirty-nation ransomware summit is ‘first of many’ to marshal international action
SC Media, October 13, 2021
The U.S. is kicking off a two-day ransomware summit with 30 other nations today, part of a broader effort by the Biden administration to marshal an international coalition to harden the global digital ecosystem’s legal and technical infrastructure against the attacks.
FACT SHEET: Ongoing Public U.S. Efforts to Counter Ransomware
The White House, October 13, 2021
This week the National Security Council is facilitating an international counter-ransomware event with over 30 partners to accelerate cooperation on improving network resilience, addressing the financial systems that make ransomware profitable, disrupting the ransomware ecosystem via law enforcement collaboration, and leveraging the tools of diplomacy to address safe harbors and improve partner capacity.
Ransomware attack on Quest’s ReproSource impacts data of 350K patients
SC Media, October 12, 2021
Approximately 350,000 patients were recently notified that their data was potentially accessed or acquired during a ransomware attack on ReproSource Fertility Diagnostics, a clinical laboratory for fertility specialists and a subsidiary of Quest Diagnostics.
Ransomware is the biggest cyber threat to business. But most firms still aren’t ready for it
ZD Net, October 11, 2021
Many firms have no incident response plans or they don’t ever test their cyber defences, says cybersecurity chief.
Inventive Ransomware Group Focused On Healthcare Data
Cyber Security Intelligence, October 7, 2021
Ransomware groups have increased their attacks on hospitals and health service providers as Coronavirus pandemic persists and this is because of the sensitive information they carry, including information like social security numbers, financial and other personal data. A new ransomware gang called Vice Society claims it has obtained confidential patient data following an attack in August on California’s United Health Centers, which suffered a ransomware attack that disrupted several locations.
The stolen data includes insurance benefits, financial documents and laboratory test results and Vice Society has now begun leaking the stolen data.
HHS Warns Healthcare Sector About LockBit 2.0 Threats
Gov Info Security, October 7, 2021
Ransomware Variant Updated; Group Claimed Credit for Accenture Attack.
Federal regulators are warning healthcare and public health sector organizations of potential attacks by the ransomware group LockBit 2.0 and its affiliates.
FIN12 hits healthcare with quick and focused ransomware attacks
Bleeping Computer, October 7, 2021
While most ransomware actors spend time on the victim network looking for important data to steal, one group favors quick malware deployment against sensitive, high-value targets.
It can take less than two days for the FIN12 gang to execute on the target network a file-encrypting payload – most of the time Ryuk ransomware.
HC3 Warns Health Sector Against LockBit Ransomware Variant
Health IT Security, October 6, 2021
LockBit Ransomware launched in September 2019 and claimed responsibility for an August 2021 attack on Accenture.
Lawsuits allege death, morbidity from cyberattacks: Is this the next phase of medical malpractice?
SC Media, October 6, 2021
Last week, a headline caught mainstream media’s attention: a lawsuit claimed a ransomware attack led to the death of her newborn. A lawsuit filed in the same timeframe alleged a patient’s care was diminished due to network outages at a hospital’s vendor.
Indiana health system diverts ambulances, reverts to paper records amid ransomware attack
Becker’s Health IT, October 6, 2021
Hackers are demanding ransom from Johnson Memorial Hospital as the Franklin, Ind.-based health system grapples with an ongoing cyberattack, according to an Oct. 5 WTHR 13 report.
The health system has reverted to using paper and pen after the ransomware attack took its computer systems offline.
Adopt NIST cybersecurity standards, health care leader urges
SC Media, October 5, 2021
At a basic level, the health care sector is a human-focused business with highly advanced technologies and a public expectation to drive innovation — often within stringent resources. Despite a tremendous amount of endpoints and advanced technologies, providers must protect themselves using The Health Insurance Portability and Accountability Act Security Rule.
Johns Hopkins CISO: Complexity of health care requires ‘adversarial security’ model
SC Media, October 4, 2021
High-profile ransomware attacks left health care in the spotlight in the last year as a vertical that struggles to manage its security posture amid dire circumstances. But Darren Lacey, chief information security officer and director of IT compliance for Johns Hopkins University and Johns Hopkins Medicine sees it a bit differently.
Approved for Public Release; Distribution Unlimited. Public Release Case Number 21-xxxx.