Security News > 2022 > October > Alert: This ransomware preys on healthcare orgs via weak-ass VPN servers

Federal agencies are warning of a threat group called Daixin Team that is using ransomware and data extortion tactics to target US healthcare organizations.
In a recent advisory, the Cybersecurity and Infrastructure Security Agency, FBI, and Department of Health and Human Services said the group has attacked multiple entities since at least June, deploying ransomware to encrypt data on servers used for a range of services, including electronic health records, diagnostic, imaging, and intranet services.
Healthcare facilities have become a favorite public sector target of ransomware and extortion operators, which isn't surprising given the amount of sensitive data they hold, the number of connected devices they operate, and the fact that disruption to critical care could pressure organizations to pay the ransom.
According to cybersecurity firm Emsisoft, at least 68 healthcare providers that between them operate 1,203 sites were affected by ransomware in 2021.
Darren Williams, founder and CEO of Blackfog, told The Register that healthcare is consistently in the top three of targeted sectors by ransomware operators.
HHS warned in an advisory earlier this year that the Hive ransomware group also was targeting healthcare facilities.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/10/24/cisa_fbi_daixin_ransomware/
Related news
- New NailaoLocker ransomware used against EU healthcare orgs (source)
- Like whitebox servers, rent-a-crew crime 'affiliates' have commoditized ransomware (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- RedCurl cyberspies create ransomware to encrypt Hyper-V servers (source)
- For healthcare orgs, DR means making sure docs can save lives during ransomware infections (source)