KNOW is Netenrich’s news-aggregator and threat intel dashboard that allows you to check and analyze the most trending threats and stories in the cybersecurity landscape. Today, we are going to check the “US Elections” category and see the most trending stories.
It looks like the FBI has issued a warning about ransomware assaults on the US healthcare systems. Let’s dig in more and find out what we can about this story.
US Healthcare Under Attack
The FBI and two federal agencies announced that they had received credible information of an “increased and imminent cybercrime threat to US hospitals and healthcare providers.” The attacks will be via the use of ransomware that could lead to “data theft and disruption of healthcare services.”
Independent security experts claim that at least four US hospitals have already been affected this month. This is yet another instance of an increasing number of cyberattacks in the US public and private sectors as we head into the November elections. The most likely suspects are Russian-speaking cybercriminals (like Energetic Bear) who use the Ryuk ransomware.
Thoughts from Twitter
BREAKING: The FBI and federal agencies say a major ransomware assault threatens the U.S. healthcare system. The attack has hobbled at least four hospitals and could impact hundreds more.
There is an imminent and increased cybercrime threat to U.S. hospitals and healthcare providers.
We released an advisory with the @FBI & @HHSgov about this #ransomware threat that uses #Trickbot and #Ryuk malware.
Russia is behind the massive cyberattack against up to 400 US hospitals, officials say, in what is being described as one of the largest ransomware attacks in history.
KNOW More about Ryuk
KNOW has already attached the Ryuk story card to the story:
Ryuk ransomware first appeared in August 2018. While not incredibly active across the globe, at least three organizations were hit with Ryuk infections over the first two months of its operations, landing the attackers about $640,000 in ransom for their efforts.
Let’s check out some of the references that KNOW has collated for Ryuk.
KNOW References for Ryuk
- Total references: 18,844
- References in the last 60 days: 1,603
- References in the last 7 days: 727
Ryuk context from KNOW
- Risk rules triggered: 7 out of 48
- Related threat actors: FIN6, Wizard Spider, GRIM SPIDER, MixMaster, and Hidden Cobra.
- Industries targetted: Healthcare, Hospitals, Energy & Natural Resources, Education, Media & Entertainment, Information Technology, and Logistics.
- Related Intrusion Methods: Double Extortion, Phishing, Data Exfiltration, Spear Phishing, Data exfiltrate, Credential Stealing, Malware, etc.
- Most recent sandbox sighting: Any Run Sandbox result for ryuk.bin
- Hashes: 57
- Domains: 9
Stay Updated with the Latest Threats Surrounding the US Election Threats
Use KNOW’s platform to stay up-to-date with the latest and the hottest stories surrounding the US elections. In fact, our CISO Brandon Hoffman has been regularly writing about the increasing number of cyberattacks that the US public and private sectors have been facing leading into the elections. Recently, he wrote about the impact of disinformation campaigns. Do you want to check it out?Of course I do
Following that, you should check out the other stuff he has written as a part of the National Cyber Security Awareness Month series.Interesting. I want to check it out.
Oh, and before you leave, you should sign up for KNOW. Not only will it help you to obtain the most critical threat context, but you can also directly export lists to update firewalls, discover domains linked to major threats, uncover new IPs to blacklist, see what industries are being targeted, and much more.
The best part? You will get all this for completely free.
So, what are you waiting for?Sign me up for KNOW!