Healthcare sector warned of ALPHV BlackCat ransomware after surge in targeted attacks

What’s happened?

The US authorities warned healthcare organizations about the threat of being targeted by the ALPHV BlackCat ransomware after a surge in attacks.

I thought ALPHV BlackCat had been taken down by the cops?

Well remembered. Shortly before Christmas, the US Department of Justice (DOJ) announced that it had disrupted the gang’s operations and seized decryption keys to help hundreds of victims unlock their data without paying a ransom.

So what’s gone wrong?

I’m afraid ALPHV BlackCat came back.

In fact, within hours of the DOJ’s announcement, the ransomware gang said it had “unseized” its domain, threatened retaliation against countries that assisted in its takedown, and informed affiliates they were now free to attack hospitals.

“Because of their actions, we are introducing new rules, or rather, we are removing ALL rules, except one, you cannot touch the CIS (vital infrastructure sectors), you can now block hospitals, nuclear power plants, anything, anywhere.”

So, they’re not playing nice anymore?

They never really “played nice.”

And according to an updated advisory published by the US Cybersecurity and Infrastructure Security Agency (CISA), healthcare has been the “most commonly victimized” sector by the ALPHV BlackCat ransomware gang since mid-December 2023.

Pharmacies in the US, including Walgreens and CVS Health. A ransomware attack against technology provider Change Healthcare is disrupting the ability of pharmacies to fulfil orders from patients who want to pay for their medical prescriptions via their insurance.

ALPHV BlackCat claimed responsibility for the attack against Change Healthcare and said it stole 6TB worth of data.

So, if I’m unable to pay for my meds, it’s BlackCat’s fault?

Right.

What does the updated advisory say?

It’s worth reading even if you don’t work in healthcare – it’s not just hospitals and their suppliers at risk from ransomware attacks.

The advisory includes the most current known indicators of compromise (IOCs), and details of the techniques associated with the ALPHV BlackCat gang and its affiliates.

ALPHV BlackCat affiliates often use social engineering to gain initial access to your company’s network. For instance, the attackers have been known to pose as IT and helpdesk staff at the targeted company, using phone calls and SMS messages to trick unsuspecting employees into handing over login credentials.

Where can I read more about BlackCat?

In February 2022, we published an FAQ, “BlackCat ransomware – what you need to know”, which is a great starting point.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.
