This appeared last week:
Hive ransomware actors have extorted over $100M from victims, says FBI
The U.S. government has warned of ongoing malicious activity by the notorious Hive ransomware gang, which has extorted more than $100 million from its growing list of victims.
A joint advisory released by the FBI, the U.S. Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services on Thursday revealed that the Hive ransomware gang has received upwards of $100 million in ransom payments from more than 1,300 victims since the gang was first observed in June 2021.
This list of victims includes organizations from a wide range of industries and critical infrastructure sectors such as government facilities, communications and information technology, with a focus on healthcare and public health entities.
Hive, which operates a ransomware-as-a-service (RaaS) model, claimed the Illinois-based Memorial Health System as its first healthcare victim in August 2021. This cyberattack forced the health system to divert care for emergency patients and cancel urgent care surgeries and radiology exams. The ransomware gang also released sensitive health information of about 216,000 patients.
Then, in June 2022, the gang compromised Costa Rica’s public health service before targeting New York-based emergency response and ambulance service provider Empress EMS the following month. Over 320,000 individuals had information stolen, including names, dates of services, insurance information and Social Security numbers.
Just last month, Hive also added Lake Charles Memorial Health System, a hospital system in Southwest Louisiana, to its dark web leak site, where it posted hundreds of gigabytes of data, including patient and employee information.
More here:
https://techcrunch.com/2022/11/18/fbi-cisa-hive-ransomware-warning/
And in maybe worse news we have:
Ransomware Gangs Shift Tactics, Making Crimes Harder to Track
, Bloomberg News 18 Nov, 2022
(Bloomberg) -- Ransomware gangs increasingly use their own or stolen computer code, moving away from a leasing model that made their activities easier to monitor, new research shows.
Numerous prominent hacking groups in recent years have functioned by leasing their malicious software and computing infrastructure to other bad actors, in what’s known as ransomware-as-a-service. That model, which experts say turbocharged the number of ransomware attacks, was offered by infamous groups such as Conti, which shuttered Irish health systems, and REvil, deemed responsible for a 2021 intrusion at the IT management firm Kaseya Ltd.
But now the number of smaller hacking groups has rapidly increased, with many of them deploying their own code or stealing it from others, according to Allan Liska, a threat intelligence analyst at Recorded Future Inc. The shift has coincided with a reduction in activity by some higher-profile groups, according to research Liska presented Friday after the CYBERWARCON security conference.
The evolution is complicating efforts to track various new groups, such as Onyx, which researchers believe reuses Conti’s code and has claimed to target several victims.
“In the last year, ransomware has become a race to bottom among ransomware groups,” Liska said. As a result, gangs are “stealing from each other, lying even more than usual to victims and creating havoc among investigators and law enforcement.”
More here:
https://www.bnnbloomberg.ca/ransomware-gangs-shift-tactics-making-crimes-harder-to-track-1.1845249
What to say – it just seems to get worse and worse out there:
David.
No comments:
Post a Comment