A new wave of cyber attacks from the Karakurt ransomware gang are reported to healthcare providers. The warning came months after CISA and FBI disclosed operational technical data on the group, along with evidence of infiltration and mock ransom notes.
A dentistry practice, an assisted care facility, a supplier, and a hospital were all impacted by the attacks. The healthcare industry should continue to be on high alert and keep an eye out for any signs of compromise, experts assert.
According to HC3, Karakurt’s “massive cyberbullying efforts against victims to disgrace them are what is most alarming.”
Karakurt has been seen buying stolen login details or acquiring access to users who have already been hacked through third-party intrusion broker networks in order to access victim machines.
Fortinet FortiGate SSL VPN appliances, Log4Shell, old Microsoft Windows Server instances, and outdated SonicWall SSL VPN appliances are just a few examples of the intrusion flaws the organization is known to use to get initial access.
HHS Alert
Karakurt first emerged in late 2021, according to a warning from the Department of Health and Human Services Cybersecurity Coordination Center (HC3), they are likely connected to the Conti ransomware organization, either through a working relationship or as a side company.
Given that the Conti ransomware organization has successfully attacked more than 16 healthcare providers since early 202
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: