Security News > 2022 > December > Healthcare systems face a “royal” cybersecurity threat from new hacker group
U.S. healthcare organizations could be in the crosshairs of a new cyberthreat collective dubbed Royal.
The warning from HHS's Health Sector Cybersecurity Coordination Center identified the relatively new group as perps behind several attacks first appearing in September 2022 against Healthcare and Public Healthcare targets.
According to the report, the Royal ransomware group - an apparently money-motivated outfit with no affiliates - deploys a 64-bit executable written in C++ targeting Windows systems.
A report last month from Microsoft Security noted that the Royal ransomware is also being distributed by the threat group DEV-0569, which, according to Microsoft, is actively evolving to incorporate new "Discovery techniques, defense evasion and various post-compromise payloads, alongside increasing ransomware facilitation."
The Royal group's own tactics are evolving, according to HC3, which reported that Royal started with an encryptor from ransomware-as-a-service purveyor ALPHV, aka BlackCat, then began using their own to generate a ransomware note in a README.TXT with a link to the victim's private negotiation page.
"Royal is a newer ransomware, and less is known about the malware and operators than others" said HC3. "Additionally, on previous Royal compromises that have impacted the HPH sector, they have primarily appeared to be focused on organizations in the United States. In each of these events, the threat actor has claimed to have published 100% of the data that was allegedly extracted from the victim."
News URL
https://www.techrepublic.com/article/healthcare-systems-face-royal-cybersecurity-threat/
Related news
- THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27) (source)
- Everything You Need to Know about the Malvertising Cybersecurity Threat (source)
- 6 key elements for building a healthcare cybersecurity response plan (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) (source)
- The cybersecurity gender gap: How diverse teams improve threat response (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10) (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17) (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24) (source)
- THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1) (source)