Subscribe To Our Newsletter!

Stay up to date on the top trending threats as well as the top stories in Security, Networks, Cloud, IT Ops & AIOps.

US Healthcare Industry Under Attack? KNOW More

Ransomware attacks to paralyze the US healthcare system?

Post by Rajarshi Mitra In Security on Oct 29, 2020

KNOW is Netenrich’s news-aggregator and threat intel dashboard that allows you to check and analyze the most trending threats and stories in the cybersecurity landscape. Today, we are going to check the “US Elections” category and see the most trending stories.

us healthcare

It looks like the FBI has issued a warning about ransomware assaults on the US healthcare systems. Let’s dig in more and find out what we can about this story.

US Healthcare Under Attack

The FBI and two federal agencies announced that they had received credible information of an “increased and imminent cybercrime threat to US hospitals and healthcare providers.” The attacks will be via the use of ransomware that could lead to “data theft and disruption of healthcare services.”

Independent security experts claim that at least four US hospitals have already been affected this month. This is yet another instance of an increasing number of cyberattacks in the US public and private sectors as we head into the November elections. The most likely suspects are Russian-speaking cybercriminals (like Energetic Bear) who use the Ryuk ransomware.

Thoughts from Twitter

@AP

BREAKING: The FBI and federal agencies say a major ransomware assault threatens the U.S. healthcare system. The attack has hobbled at least four hospitals and could impact hundreds more.

@CISAgov

There is an imminent and increased cybercrime threat to U.S. hospitals and healthcare providers.

We released an advisory with the @FBI & @HHSgov about this #ransomware threat that uses #Trickbot and #Ryuk malware.

@ScottMStedman 

Russia is behind the massive cyberattack against up to 400 US hospitals, officials say, in what is being described as one of the largest ransomware attacks in history.

KNOW More about Ryuk

KNOW has already attached the Ryuk story card to the story:

us healthcare

Ryuk ransomware first appeared in August 2018. While not incredibly active across the globe, at least three organizations were hit with Ryuk infections over the first two months of its operations, landing the attackers about $640,000 in ransom for their efforts.

Let’s check out some of the references that KNOW has collated for Ryuk.

KNOW References for Ryuk

ransomware

  • Total references: 18,844
  • References in the last 60 days: 1,603
  • References in the last 7 days: 727

Ryuk context from KNOW

  • Risk rules triggered: 7 out of 48
  • Related threat actors: FIN6, Wizard Spider, GRIM SPIDER, MixMaster, and Hidden Cobra.
  • Industries targetted: Healthcare, Hospitals, Energy & Natural Resources, Education, Media & Entertainment, Information Technology, and Logistics.
  • Related Intrusion Methods: Double Extortion, Phishing, Data Exfiltration, Spear Phishing, Data exfiltrate, Credential Stealing, Malware, etc.
  • Most recent sandbox sighting: Any Run Sandbox result for ryuk.bin
  • Hashes: 57
  • Domains: 9

Stay Updated with the Latest Threats Surrounding the US Election Threats

Use KNOW’s platform to stay up-to-date with the latest and the hottest stories surrounding the US elections. In fact, our CISO Brandon Hoffman has been regularly writing about the increasing number of cyberattacks that the US public and private sectors have been facing leading into the elections. Recently, he wrote about the impact of disinformation campaigns. Do you want to check it out?

Of course I do

Following that, you should check out the other stuff he has written as a part of the National Cyber Security Awareness Month series.

Interesting. I want to check it out.

Oh, and before you leave, you should sign up for KNOW. Not only will it help you to obtain the most critical threat context, but you can also directly export lists to update firewalls, discover domains linked to major threats, uncover new IPs to blacklist, see what industries are being targeted, and much more.

The best part? You will get all this for completely free.

So, what are you waiting for?

Sign me up for KNOW!
CONNECT WITH US

About Author

Rajarshi is a creative and accomplished writer who made his mark in the blockchain space before stepping into cybersecurity. When he is not working, he is busy chilling with his wife and cat, catching up on the latest Netflix docu-series.....or watching Harry Potter for the 5781241516th time.