Reading Room
10 more anesthesia practices added to healthcare management breach tally
SC Media, November 9, 2022
The Department of Health and Human Services breach reporting tool shows at least 10 more anesthesia practices have been added to the “data security incident” at a healthcare management company, first reported in October.
Venus Ransomware Targets Publicly Exposed Remote Desktop Services
HHS, November 9, 2022
HC3: Analyst Note. Report: 202211091400
Venus Ransomware Targets Publicly Exposed Remote Desktop Services
HC3 is aware of at least one healthcare entity in the United States falling victim to Venus ransomware recently. The threat actors behind Venus ransomware operations are known to target publicly exposed Remote Desktop Services to encrypt Windows devices. This report provides additional information, indicators of compromise, techniques and corresponding mitigations associated with Venus ransomware.
Hackers Dump Australian Health Records Online After Insurer Refuses to Pay Ransom
MSN, November 9, 2022
Stolen health records for millions of Australians have been publicly released on the dark web following a threat by hackers 24 hours earlier to do precisely that. Last month, the unknown hackers demanded a ransom from Medibank, a private insurance provider in Australia, which the company refused to pay.
Vast majority of SMBs are concerned about a ransomware attack on their business
SC Media, November 8, 2022
OpenText Security Solutions on Monday reported that some 84% of respondents to a small- and mid-sized business (SMB) survey are concerned about a ransomware attack on their business.
Medibank refuses to pay ransom for hacked data affecting 9.7 million customers
SC Media, November 7, 2022
Medibank, Australia’s largest health insurer, announced Monday that it will not pay a ransom to the hacker behind the recent data theft affecting 9.7 million customers.
US Treasury says financial ransomware losses topped $1.2 billion last year
SC Media, November 4, 2022
US financial institutions processed roughly $1.2 billion in ransomware-related payments last year, a nearly 200 percent increase compared to 2020, according to the Treasury Department.
Ransomware: Not enough victims are reporting attacks, and that’s a problem for everyone
ZD Net, November 1, 2022
Ransomware continues to be a significant cyber threat to businesses and the general public – but it’s difficult to know the true impact of attacks because many victims aren’t coming forward to report them.
Ransomware attack halts services at Osaka hospital
The Asahi Shimbun, November 1, 2022
A major hospital here suspended routine medical services after a ransomware cyberattack shut down the facility’s electronic medical record system, officials said on Oct. 31.
Osaka General Medical Center in the city’s Sumiyoshi Ward is still performing emergency operations, but it has stopped providing outpatient services and postponed other surgeries, hospital officials said at a news conference.
Ransomware: ‘Amateur’ Tactics Lead Fewer Victims to Pay
Gov Info Security, October 31, 2022
Why are so many ransomware-wielding attackers collectively shooting themselves in the foot? Ransomware victims who opt to pay a ransom have been seeing a “decline in quality and reliability” when it comes to quickly restoring affected systems, ransomware incident response firm Coveware reports.
White House convenes international summit to thwart ransomware threats
MSN, October 31, 2022
The White House is hosting its second annual summit, involving dozens of countries and tech companies, to thwart the threat of ransomware attacks.