FBI alerts organizations to OnePercent Group ransomware attacks, mitigations

Aug 24, 2021 - 12:50 PM
Cybersecurity Lock on Gold Wall

The FBI yesterday alerted U.S. organizations to ransomware attacks by a group using phishing emails to access victim networks and download Cobalt Strike threat emulation software. The alert includes indicators of compromise associated with attacks by the so-called OnePercent Group and recommended mitigation actions for affected organizations. 

John Riggi, AHA senior advisor for cybersecurity and risk, said, “The relatively low profile OnePrecent ransomware group is using common tactics such as phishing emails for initial compromise, then common technical tools such as Cobalt Strike and Powershell to spread the ransomware throughout the victim network. As we have seen several high-impact ransomware attacks targeting hospitals and health systems since Aug. 2, I recommend that any and all ransomware alerts issued by the government be given special attention. I and the AHA are closely coordinating with FBI, the Cybersecurity & Infrastructure Security Agency and HHS to exchange information relevant to ransomware attacks for the benefit of the field.”  

For more on this or other cyber and risk issues, contact Riggi at jriggi@aha.org
 

Related News Articles

Headline
FBI warns of cyber actors exploiting end-of-life routers
The FBI's Internet Crime Complaint Center released an alert May 7 warning of cyber actors exploiting vulnerabilities in end-of-life routers. Routers dated 2010…
Headline
FBI warns of malicious text, voice-messaging campaign impersonating senior U.S. officials
The FBI’s Internet Criminal Complaint Center May 15 released an alert warning of a malicious text and voice messaging campaign involving impersonators…
Headline
AHA blog — 3 Must-know Cyber and Risk Realities: What’s Ahead for Health Care in 2025 
In his latest AHA Cyber Intel blog, John Riggi, AHA national advisor for cybersecurity and risk, examines the state of cyber and physical threats in 2025 as…
Headline
Report: Health care had most reported cyberthreats in 2024 
Health care had more cyberthreats last year than any other critical infrastructure industry, according to the FBI's 2024 Internet Crime Report released April…
Headline
NSA report includes recommendations for OT device security
The National Security Agency April 23 released a report on operational technology systems that includes recommendations for security policies and technical…
Chairperson's File
Chair File: Leadership Dialogue — Cybersecurity in Health Care with John Riggi, AHA’s National Advisor for Cybersecurity and Risk
Public
Cybersecurity and physical threats are unfortunately significant enterprise risks for health care, regardless of size or location. Every hospital, physician…