Saturday, July 27, 2024

HomeCyberSecurityHHS warns industry about resurfaced ransomware group after attack on cancer center
CyberSecurity

HHS warns industry about resurfaced ransomware group after attack on cancer center

Emily Olsen
By Emily Olsen
0
81

Dive Brief:

  • The Department of Health and Human Services is alerting healthcare providers about the resurgence of a ransomware group after an attack on an unnamed U.S. cancer center “significantly reduced” its treatment capability, shut down digital services and threatened to expose patient identifiers and personal health information.
  • TimisoaraHackerTeam, or THT, is a “relatively unknown” group that has used legitimate products like Microsoft Bitlocker or Jetico’s BestCrypt to encrypt files on a computer system and demand ransom payments in Bitcoin, the cybersecurity notification said.
  • THT was first discovered by researchers in 2018, and the group was loosely tied to an attack against a French hospital in April 2021. The HHS said the healthcare sector is particularly vulnerable because of hospitals’ higher likelihood to pay a ransom, the high value of patient records and often weak security.

Dive Insight: 

Data breaches at healthcare organizations have been on the rise since 2010, and they’re increasingly caused by hacking incidents in which criminals demand payment in exchange for restored access to medical data.

The industry is a valuable target for hackers due to its wealth of data and weaker threat mitigation, according to a recent report from Moody’s Investors Service. The sector was also hurt by staff shortages and burnout during the COVID-19 pandemic.

The stakes are high, as cyberattacks against hospitals can compromise patient safety and access. A ransomware attack on CommonSpirit Health exposed protected health information of almost 624,000 late last year, preventing EHR access and delaying care. 

Attacks can also have significant financial impacts, especially for smaller hospitals. St. Margaret’s Health in rural Illinois recently shut its doors, blaming the closure in part on a ransomware attack in 2021.

HHS said THT could be linked to other ransomware groups like DeepBlueMagic — which was tied to an attack on a medical center in Israel, which was followed by a rash of cyberattacks on the country’s health sector — the China-affiliated state-sponsored group APT41.

THT is named after a Romanian town and its ransomware seemed to be developed by Romanian speakers, according to the brief. But analysts couldn’t say if THT was actually operating in the country or using a false lead.


Source link

Bookmark (0)
Previous article
Progress Software faces federal class action lawsuits as MOVEit breach exposure widens
Next article
Mondelēz retirement data breached after hacker targets law firm Bryan Cave
Emily Olsen
Emily Olsen
RELATED ARTICLES
- Advertisment -spot_img

Most Popular

Load more

Sponsored Business

- Advertisment -spot_img

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY

Market World’s portal of services include news, marketing, development and ecommerce. We strive to meet the needs and provide high value for all visitors and customers. We offer digital services for small, mid-sized and large enterprise platforms. We treat our customers as partners and offer the tools and services for growth and success for your journey.

Become a Market World Entrepreneur

FOLLOW US              

© 2022 Market World LLC. All rights reserved