The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) this week alerted the sector to a new ransomware threat known as BlackSuit, which may be responsible for an October attack against an organization that provides medical scans and radiology services for almost 1,000 U.S. hospitals and health systems and caused the victim to shut down computer systems and turn away patients.
 
“The BlackSuit ransomware gang is appropriately identified by HC3 as an emerging and possibly significant ransomware threat to health care,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “The use of malware coding with strong technical similarities to previous ransomware code associated with the Russian-speaking ransomware gang ‘Royal,’ a derivative of the notorious ‘Conti’ Russian ransomware gang, is very concerning. Both Royal and Conti were responsible for high-impact ransomware attacks against U.S. hospitals and health systems, resulting in major disruptions to health care delivery and risk to patient safety. The identified BlackSuit indicators of compromise should be promptly entered into network defensive and threat-hunting tools. Continued prioritization of ransomware preparedness, resiliency and recovery capabilities remains a necessity and may be enhanced by resources available at www.stopransomware.gov." 
 
For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Headline
The U.S. Department of Justice, United Kingdom and other global partners have seized control of servers used by the LockBit ransomware-as-a-service group,…
Headline
Bryan Smith, recently retired chief of the FBI’s Cyber Criminal Operations Section, discusses the challenge of protecting the nation's caregivers and patients…
Headline
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage…
Headline
The FBI Feb. 15 released an alert to help organizations detect and reduce the risk of network compromise from the Warzone Remote Access Trojan, a malware…
Headline
The health care sector should quickly implement patches or mitigations to address 21 new cyber vulnerabilities identified by the Cybersecurity and…
Headline
The Department of Justice has disrupted a botnet of hundreds of small office and home office routers hijacked by hackers sponsored by the People’s Republic of…