The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) this week alerted the sector to a new ransomware threat known as BlackSuit, which may be responsible for an October attack against an organization that provides medical scans and radiology services for almost 1,000 U.S. hospitals and health systems and caused the victim to shut down computer systems and turn away patients.
 
“The BlackSuit ransomware gang is appropriately identified by HC3 as an emerging and possibly significant ransomware threat to health care,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “The use of malware coding with strong technical similarities to previous ransomware code associated with the Russian-speaking ransomware gang ‘Royal,’ a derivative of the notorious ‘Conti’ Russian ransomware gang, is very concerning. Both Royal and Conti were responsible for high-impact ransomware attacks against U.S. hospitals and health systems, resulting in major disruptions to health care delivery and risk to patient safety. The identified BlackSuit indicators of compromise should be promptly entered into network defensive and threat-hunting tools. Continued prioritization of ransomware preparedness, resiliency and recovery capabilities remains a necessity and may be enhanced by resources available at www.stopransomware.gov." 
 
For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
A guide published Jan. 13 by the Cybersecurity and Infrastructure Security Agency, National Security Agency, FBI, Environmental Protection Agency,…
Headline
In the last of this four-part conversation, four leaders from Scripps Health — Chris Van Gorder, president and CEO, Todd Walbridge, senior director of…
Headline
The Department of Health and Human Services Health Sector Cybersecurity Coordination Center Jan. 8 released guidance on cybersecurity for telehealth…
Headline
In the third of this four-part conversation, three experts from Scripps Health talk through the day their organization experienced a cyberattack, the…
Headline
The FBI Dec. 16 released an alert warning of malicious activity by cyber actors using Hiatus Remote Access Trojan malware to attack Chinese-branded web cameras…
Headline
The Cybersecurity and Infrastructure Security Agency is seeking comments on its draft National Cyber Incident Response Plan Update. The plan describes how the…