In a joint advisory, the FBI, CISA, and HHS have issued a stark warning to healthcare organizations in the United States about the heightened risk of targeted ALPHV/Blackcat ransomware attacks. This cautionary announcement follows a series of alerts dating back to April 2022 and underscores the severity of the threat posed by the BlackCat cybercrime gang, suspected to be a rebrand of infamous ransomware groups DarkSide and BlackMatter.
The advisory highlights that ALPHV Blackcat affiliates have shown a notable focus on the healthcare sector. The FBI, in particular, has linked BlackCat to over 60 breaches within its first four months of activity, accumulating a staggering $300 million in ransoms from over 1,000 victims up until September 2023.
Recent developments indicate a shift in BlackCat’s targeting strategy, with the healthcare sector becoming a prime victim since mid-December 2023. This shift aligns with an administrator’s call for affiliates to target hospitals following operational actions against the group and its infrastructure earlier that month.
Notably, the warning coincides with a cyberattack on UnitedHealth Group subsidiary Optum, affecting Change Healthcare, a crucial payment exchange platform in the U.S. healthcare system. Although not confirmed, the attack has been linked to the BlackCat ransomware group, and sources suggest the threat actors exploited the ScreenConnect auth bypass vulnerability (CVE-2024-1709) for initial access.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: