Security News > 2020 > May > Ransomware attack on Colorado hospital highlights fears of more healthcare hostage situations
In addition to the attack on the hospital in the Czech Republic, she cited a number of healthcare cyber incidents in France, Spain and Thailand, adding that there needs to be more collaboration worldwide on protecting critical health infrastructure in times of crisis.
Ransomware attacks on healthcare providers rose 350% in the fourth quarter of 2019, and Emsisoft research shows that more than 759 healthcare providers were hit with ransomware last year.
"Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020. So far the attacks have affected aid organizations, medical billing companies, manufacturing, transport, government institutions, and educational software providers, showing that these ransomware groups give little regard to the critical services they impact, global crisis notwithstanding," Microsoft wrote.
"Many of these attacks started with the exploitation of vulnerable internet-facing network devices; others used brute force to compromise RDP servers. The attacks delivered a wide range of payloads, but they all used the same techniques observed in human-operated ransomware campaigns: credential theft and lateral movement, culminating in the deployment of a ransomware payload of the attacker's choice. Because the ransomware infections are at the tail end of protracted attacks, defenders should focus on hunting for signs of adversaries performing credential theft and lateral movement activities to prevent the deployment of ransomware."
"If you have not prepared for a ransomware attack but discover you've been hit, it is important to bring in technical experts, legal teams, and law enforcement. It's good to know who is behind the attack and what their propensity is for unlocking data after being paid."
News URL
Related news
- Possible China link to Change Healthcare ransomware attack (source)
- Change Healthcare registers pulse after crippling ransomware attack (source)
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- Change Healthcare’s ransomware attack costs edge toward $1B so far (source)
- The Week in Ransomware - March 1st 2024 - Healthcare under siege (source)
- Change Healthcare attack latest: ALPHV bags $22M in Bitcoin amid affiliate drama (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Fidelity customers' financial info feared stolen in suspected ransomware attack (source)
- Uncle Sam intervenes as Change Healthcare ransomware fiasco creates mayhem (source)
- Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries (source)