How Criminals Extort Healthcare Victims With Ransomware
Healthcare Info Security, December 14, 2022
Ransomware operations have become expert at finding ways to make a victim pay, and healthcare organizations are no exception. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that in the event of an attack, they can quickly restore systems and never have to consider paying a ransom.
Irish Healthcare Ransomware Hack Cost Over 80 Million Euros
Bank Info Security, December 13, 2022
A ransomware attack on the Irish healthcare system in 2021 has caused 80 million euros in damages and counting as the government continues to notify victims of the incident that their personal information was illegally accessed and copied.
BlackCat, LockBit 3.0 ransomware target healthcare with customizable tactics, triple extortion
SC Media, December 13, 2022
Healthcare cybersecurity leaders are being urged to review the IOCs and the recommended proactive measures for defending against BlackCat and LockBit 3.0 ransomware variants given the continued targeting of healthcare environments.
Most of the 10 largest healthcare data breaches in 2022 are tied to vendors
SC Media, December 12, 2022
Ninety percent of 10 largest healthcare data breaches reported this year were caused by third-party vendors, much like in 2021. The fallout for many of these cyberattacks resulted in impacts for multiple connected providers, with two of these vendor incidents affecting hundreds of providers.
LockBit 3.0 Ransomware
HHS, December 12, 2022
HC3: Analyst Note. Report: 202212121700
LockBit 3.0 Ransomware
LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion technique where sensitive data is encrypted and exfiltrated. The actor requests payment to decrypt data and threatens to leak the sensitive data if the payment is not made.
HHS warns Royal ransomware threat targeting healthcare providers
SC Media, December 8, 2022
Since the emergence of the human-operated ransomware threat group known as Royal in September, the Department of Health and Human Services Cybersecurity Coordination Center has been made aware of targeted cyberattacks against the healthcare sector.
Royal-based attacks have steadily increased in appearance over the last three months with ransom demands ranging from $250,000 to more than $2 million.
Post-mortem of New Zealand health board cyberattack: Practice incident response plans
SC Media, December 7, 2022
An assessment of the monthslong outage at New Zealand Waikato District Health Board last year revealed that despite being prepared and clear awareness of cybersecurity priorities, the response was dogged by a lack of practiced preparedness and a number of other missteps.
CommonSpirit says ransomware attack exposed patient information
Healthcare Dive, December 5, 2022
- Personal information of patients and their family and caregivers may have been accessed.
- System said it discovered that cyberattackers gained access to portions of its network.
- Impacted people may have received services from certain facilities of Virginia Mason Franciscan Health.
How a ransomware attack exacerbated St. Michael’s workforce shortage
Becker’s Health IT, December 5, 2022
Silverdale, Wash.-based St. Michael Medical Center experienced an October ransomware attack that exacerbated the hospital’s short staffing issues that have been persisting for months, Kitsap Sun reported Dec. 2.
The hospital was a part of the ransomware attack that plagued Chicago-based CommonSpirit facilities, and due to the attack, St. Michael’s had to shut down its Epic EHR system.
CISA, FBI Alert Healthcare Sector of Cuba Ransomware Tactics
Health IT Security, December 5, 2022
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory to warn critical infrastructure organizations of tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Cuba ransomware.