The FBI, Cybersecurity and Infrastructure Security Agency, and Australian Cyber Security Centre issued recommendations to help critical infrastructure organizations protect their networks from ransomware attacks and data extortion by a cybercriminal group known as BianLian. 

“The BianLian group, unlike most other ransomware groups, seems to rely primarily on technical exploitation of remote access tools rather than phishing emails,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “The BianLian group has also evolved its tactics to focus on data extortion — theft of sensitive data and threatening to publicize it unless a ransom is paid. The primary recommendations to mitigate this threat are ensuring all remote access software is strictly controlled, monitored and external access limited. As always, phishing-resistant multifactor authentication is a foundational cybersecurity practice, which should also be employed along with the other recommended mitigations contained in this alert.” 

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
The Department of Justice last week announced a new strategic approach to combating cybercrime which involves "using all tools” to disrupt cybercriminals and…
Perspective
When hospitals are attacked, lives are threatened. This is the reality our entire field faces every day. But the never-ending barrage of ransomware and…
Headline
The FBI, National Security Agency and Cyber National Mission Force last week issued a joint advisory about recent actions of China-linked cyber actors…
Headline
The Health Information Sharing and Analysis Center last week announced that Veeam, a software company that provides data protection, backup and disaster…
Headline
The Cybersecurity and Infrastructure Security Agency Aug. 21 published guidance providing best practices for event logging to mitigate cyberthreats. The…
Headline
The AHA has released five new tip sheets designed to fortify crisis leadership competencies during emergency events such as cyberattacks, natural disasters and…