Security News > 2024 > April > US Health Dept warns hospitals of hackers targeting IT help desks

US Health Dept warns hospitals of hackers targeting IT help desks
2024-04-06 15:09

The U.S. Department of Health and Human Services warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health sector.

The sector alert issued by the Health Sector Cybersecurity Coordination Center this week says these tactics have allowed attackers to gain access to targeted organizations' systems by enrolling their own multi-factor authentication devices.

"The funds were then transferred to overseas accounts. During the malicious campaign, the threat actor also registered a domain with a single letter variation of the target organization and created an account impersonating the target organization's Chief Financial Officer."

The tactics described in the Health Department alert are very similar to those used by the Scattered Spider threat group, which also uses phishing, MFA bombing, and SIM swapping to gain initial network access.

Scattered Spider hackers recently encrypted MGM Resorts' systems using BlackCat/ALPHV ransomware.

FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks.


News URL

https://www.bleepingcomputer.com/news/security/us-health-dept-warns-hospitals-of-hackers-targeting-it-help-desks/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Health 1 0 4 2 1 7