Advisory
Hospitals That Are Oracle Customers Urged to Take Immediate Action to Address Security Vulnerability
• Hive Ransomware Overview
• Legitimate Applications and Closed Source Code
• Hive Ransomware Attacks
• Hive Ransomware Activity Targeting the U.S. HPH
• Hive Tactics, Techniques, and Procedures (TTPs)
• Mitigations
First observed in June 2021
• According to the Federal Bureau of Investigation (FBI), it “likely operates as an affiliate-based ransomware”
• Double extortion ransomware
• Human-operated attacks
• Uses legitimate commercial applications
• Utilizes their own closed-source ransomware (compiled for both 32-bit and 64-bit machines)
• Possible Russian-speaking actors
View the entire report below.
For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact: