Security News
Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children's hospital in an apparent deviation from its previous policy of not targeting nonprofits.Stooping to new lows, the criminals are reportedly unwilling to reverse the attack on Saint Anthony Hospital, as they had done in previous cases such as Toronto's SickKids hospital.
A former Trickbot developer has been sent down for five years and four months for his role in infecting American hospitals and businesses with ransomware and other malware, costing victims tens of millions of dollars in losses. Trickbot initially infected PCs to steal people's login details to their online bank accounts, so that funds could be siphoned.
US hospitals will be required to meet basic cybersecurity standards before receiving federal funding, according to rules the White House is expected to propose in the next few weeks. The Centers for Medicare and Medicaid Services, an arm of the US Department of Health and Human Services, is reportedly drawing up rules connecting hospital IT security with funding, which are set to take effect before the end of the year.
The idea being, it seems, that those patients and the media coverage from any swatting will put pressure on the US hospital to pay up and end the extortion. "Fred Hutchinson Cancer Center was aware of cyber criminals issuing swatting threats and immediately notified the FBI and Seattle police, who notified the local police," a spokesperson told The Register today.
We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. The most concerning news is that LockBit affiliates increasingly target hospitals in attacks, even though the ransomware operation says it's against the rules.
Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack and now stored on the servers of a Boston cloud storage company. The LockBit ransomware gang claimed responsibility for breaching and stealing sensitive files from their systems in late August, with a press release published by the hospitals one week later saying the incident forced them to redirect patients requiring urging care to other hospitals' emergency departments.
German hospital network Katholische Hospitalvereinigung Ostwestfalen has confirmed that recent service disruptions at three hospitals were caused by a Lockbit ransomware attack. It severely impacted the systems that support the operations of three hospitals in Bielefeld, Rheda-Wiedenbrück, and Herford, Germany.
Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games. Arion Kurtaj, 18, of Oxfordshire, was sentenced Thursday to detention at a hospital in the UK for an indefinite amount of time.
Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI. Sentenced to life in a 'secure hospital'. Arion Kurtaj, a member of the Lapsus$ cybercrime group, was sentenced indefinitely to a "Secure hospital" by a British judge, according to a BBC report.
The U.S. Department of Health and Human Services warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler vulnerability actively exploited in attacks. "The Citrix Bleed vulnerability is being actively exploited, and HC3 strongly urges organizations to upgrade to prevent further damage against the Healthcare and Public Health sector. This alert contains information on attack detection and mitigation of the vulnerability," HC3 warned.