HHS OCIO HC3 TLP White Threat Briefing – Qbot/QakBot August 5, 2021

Greetings,

Please see the attached HHS Office of the Chief Information Officer HC3 Threat Briefing – Qbot/QakBot. You may distribute through your appropriate channels for the level of information as marked (TLP: WHITE).

Agenda

  • History of Qbot Malware
  • Qbot Tactics, Techniques, and Procedures (TTPs)
  • Qbot Ransomware Partners
  • Q2 2021 Qbot Attacks
  • Retaliation and Aftermath
  • Mitigations
  • References

View the entire report below.

Provide feedback on this product via the HC3 Customer Feedback Form at https://www.surveymonkey.com/r/HC3survey.

If you have any additional questions or have feedback, contact us at HC3@hhs.gov.

To view our archive of products, visit our website at www.HHS.gov/HC3.

The HHS OCIO HC3 Team

Key Resources

Related Resources

Advisory
AHA and Health-ISAC Joint Threat Bulletin: Indicators of Compromise Related to Recent Health Care Ransomware Attack
Member
Advancing Health Podcast
Leadership Dialogue Series: Cybersecurity and the Fight to Safeguard Health Care
Public
Leadership Rounds
Leadership Dialogue
Public
Special Bulletin
UPDATE: AHA and Health-ISAC Threat Advisory: FBI Advises No Specific Credible Threat Targeting Hospitals
Public
Special Bulletin
AHA and Health-ISAC Bulletin on Threat to Hospitals
Member
AHA Center for Health Innovation Market Scan
Rural Hospitals Move to Enhance Cybersecurity