Security News

S3 Ep96: Zoom 0-day, AEPIC leak, Conti reward, healthcare security [Audio + Text]
2022-08-18 18:38

If you want to understand a little more about it, your Naked Security article explains it incredibly well for people that are not normally acquainted with things like APIC controllers. Do you think, Chester, that they've targeted the Conti gang because they had a little bit of dishonour among thieves, as it were?

Ransomware is back, healthcare sector most targeted
2022-08-15 03:00

In Q2 2022, Kroll observed a 90% increase in the number of healthcare organizations targeted in comparison with Q1 2022, dropping the final nail in the coffin for the "truce" some criminal groups instituted earlier in the COVID-19 pandemic. Ransomware helped to fuel this uptick against healthcare as attacks increased this quarter to once again become the top threat, followed closely by email compromise.

Cyberattacks on healthcare organizations negatively impact patient care
2022-08-08 04:00

Cynerio and the Ponemon Institute have examined the current impact of cyberattacks on healthcare facilities and network-connected IoT and medical devices, and found multiple alarming trends. The Insecurity of Connected Devices in HealthCare 2022 Report surveyed 517 experts in leadership positions at hospitals, clinics, healthcare service providers, and healthcare systems throughout the United States.

Meta, US hospitals sued for using healthcare data to target ads
2022-07-30 14:12

A class action lawsuit has been filed in the Northern District of California against Meta, the UCSF Medical Center, and the Dignity Health Medical Foundation, alleging that the organizations are unlawfully collecting sensitive healthcare data about patients for targeted advertising. According to the lawsuit, neither the hospitals nor Meta informs the patients about the data collection, no user consents are requested, and there is no visible indication of this process.

FBI recovers $500,000 healthcare orgs paid to Maui ransomware
2022-07-20 14:24

The U.S. Department of Justice has announced the seizure of approximately $500,000 in Bitcoin, paid by American health care providers to the operators of the Maui ransomware strain. At the start of this month, Maui was highlighted by the FBI and CISA as a new North Korean-backed ransomware operation extorting western organizations with encryption attacks.

1.9m patient records exposed in healthcare debt collector ransomware attack
2022-07-13 21:06

Professional Finance Company, a Colorado-based debt collector whose customers include hundreds of US hospitals, medical clinics, and dental groups, recently disclosed that more than 1.9 million people's private data - including names, addresses, social security numbers and health records - was exposed during a ransomware infection. In a notice [PDF] posted on its website, PFC said it "detected and stopped a sophisticated ransomware attack" on February 26 this year, during which criminals accessed files containing data from more than 650 healthcare providers [PDF].

How security vulnerabilities pose risks for healthcare organizations
2022-07-12 15:27

Security vulnerabilities pose a risk to any organization, as attackers can take advantage of them to launch malware, infiltrate networks and compromise sensitive data. A recent report from security firm Cyber SecurityWorks looks at how security flaws can be weaponized to attack healthcare organizations.

U.S. Healthcare Orgs Targeted with Maui Ransomware
2022-07-08 10:46

Several federal agencies are warning healthcare organizations that they are under threat of attacks from North Korean state-sponsored actors employing a unique ransomware that targets files with surgical precision, according to U.S. federal authorities. Another characteristic of Maui that diverges from other ransomware is that it appears to be designed for manual execution by a threat actor, allowing its operators to "specify which files to encrypt when executing it and then exfiltrate the resulting runtime artifacts," Cutler wrote.

Quantum ransomware attack affects 657 healthcare orgs
2022-07-07 17:19

Professional Finance Company Inc., a full-service accounts receivables management company, says that a ransomware attack in late February led to a data breach affecting over 600 healthcare organizations. While PFC did not share the exact number of affected healthcare providers, it linked to a PDF file listing all the impacted orgs containing the names of 657 healthcare entities.

North Korean-sponsored ransomware attacks target US healthcare companies
2022-07-07 15:18

The U.S. government is warning healthcare companies to watch for and protect themselves against ongoing ransomware attacks from cybercriminals sponsored by North Korea. In a joint advisory posted Wednesday, the FBI, Cybersecurity and Infrastructure Security Agency, and Department of the Treasury cautioned that these state-sponsored attackers have been using Maui ransomware to target hospitals, laboratories and other public and private healthcare organizations.