HHS alerts health care sector to new ransomware threat

Nov 09, 2023 - 03:18 PM
cybersecurity-hand-lock-graphic_900x400

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) this week alerted the sector to a new ransomware threat known as BlackSuit, which may be responsible for an October attack against an organization that provides medical scans and radiology services for almost 1,000 U.S. hospitals and health systems and caused the victim to shut down computer systems and turn away patients.
 
“The BlackSuit ransomware gang is appropriately identified by HC3 as an emerging and possibly significant ransomware threat to health care,” said John Riggi, AHA’s national advisor for cybersecurity and risk. “The use of malware coding with strong technical similarities to previous ransomware code associated with the Russian-speaking ransomware gang ‘Royal,’ a derivative of the notorious ‘Conti’ Russian ransomware gang, is very concerning. Both Royal and Conti were responsible for high-impact ransomware attacks against U.S. hospitals and health systems, resulting in major disruptions to health care delivery and risk to patient safety. The identified BlackSuit indicators of compromise should be promptly entered into network defensive and threat-hunting tools. Continued prioritization of ransomware preparedness, resiliency and recovery capabilities remains a necessity and may be enhanced by resources available at www.stopransomware.gov." 
 
For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity

Related News Articles

Perspective
Strengthening Cybersecurity to Protect Patients and Access to Care
When hospitals are attacked, lives are threatened. This is the reality our entire field faces every day. But the never-ending barrage of ransomware and…
Headline
Agencies issue advisory on China-linked cyber actors using botnet for attacks on U.S. networks 
The FBI, National Security Agency and Cyber National Mission Force last week issued a joint advisory about recent actions of China-linked cyber actors…
Headline
Veeam Software issues patches for exploitable security flaws
The Health Information Sharing and Analysis Center last week announced that Veeam, a software company that provides data protection, backup and disaster…
Headline
CISA releases guidance on best practices for event logging and cyberthreat detection 
The Cybersecurity and Infrastructure Security Agency Aug. 21 published guidance providing best practices for event logging to mitigate cyberthreats. The…
Headline
New AHA resources for managing public health emergencies
The AHA has released five new tip sheets designed to fortify crisis leadership competencies during emergency events such as cyberattacks, natural disasters and…
Headline
Agencies alert health sector of Iranian and Russian cyber threats
The FBI, Cybersecurity and Infrastructure Agency and the Department of Defense Cyber Crime Center Aug. 29 issued a joint advisory to warn of Iranian-based…