Medical companies are at the top of the list for hackers. They have tons of information and PII, great for stealing identities, packaging and selling on the dark web and generally using to create mayhem. Health and Human Services (HHS) released a report recently that highlighted the top threat actors impacting medical companies during Q1 of 2022. A majority of the attacks were 'Ransomware as a Service' groups. The five groups responsible for the majority of attacks are:
LockBit 2.0: On Feb. 7, HHS and the FBI released a joint alert warning of the LockBit 2.0 ransomware group stating the group uses techniques such as purchased access, unpatched vulnerabilities, insider access and zero-day exploits. Despite claims from the group stating that it does not target the healthcare sector, the HHS found that it was responsible for 31 percent of attacks on the healthcare sector.
Conti: Conti ransomware, which is known for stealing files, encrypting servers and demanding a ransom payment, was responsible for 31 percent of attacks on the healthcare sector. The State Department is currently offering a $10 million reward for information that will lead to the identification of key leaders of the group.
SunCrypt: SunCrypt, which is still "under development," according to the HHS, was responsible for 16 percent of attacks on the healthcare sector.
Blackcat: BlackCat, also known as ALPHAV, was launched in November 2021. According to HHS, Blackcat was responsible for 11 percent of attacks on the healthcare sector. The group is known for targeting large organizations and demanding ransom payments of several million dollars in Bitcoin or Monero.
Hive: Hive, which exfiltrates data and encrypts files held on a network, was responsible for an attack on Marietta, Ohio-based Memorial Health System that shutdown its IT network in August 2021. The HHS determined that the group was responsible for 11 percent of attacks on the healthcare sector.
So the question is, what can you do and what does this really mean for you as a medical provider? First, I would say check out our blog a couple weeks ago about ZeroTrust cybersecurity. ZeroTrust is the best way to fight these gangs and is the solid foundation for medical cybersecurity and medical IT support. The second part of this is to make sure that your cybersecurity is a good as you think it is (or get an audit if you aren't sure how good it is!). Check out our FREE offer for a security assessment. We can do an assessment of your current IT environment and help you find holes or issues in the current IT setup. We aren't looking to bash anyone, but if you don't know it's broken, how can you fix it?
