Hospital financial ratings remain vulnerable to cyberattacks, according to a new assessment from Fitch Ratings. Meanwhile, hacker advocates and blackmail gangs are recycling strains of ransomware, and hacker affiliates are offering larger payouts. Those are just some of the cybersecurity trends in healthcare that we’re tracking this week.
Coordinated KillNet DDoS Attacks Highlight Possibility of Rating Drops
Fitch Ratings says recent coordinated distributed denial-of-service attacks against hospital websites such as ChristianaCare’s are unlikely to result in any downgrades at this time, but Cyberattacks that compromise services and affect hospital financial records are possible.
Last week, the pro-Russian hacktivist group KillNet, known for its DDoS attacks on critical infrastructure in countries that support Ukraine, took down around 20 hospital websites in several states in one blow. hit seems skillful.
“Given what we know at this time, DDoS attacks are not expected to have any significant financial or operational impact on hospitals,” Fitch analysts said. targets due to their short and relatively superficial effects”.
While the patient portal and health records remained secure and some of the affected entities quickly restored their websites, Fitch noted that coordinated cyberattacks were the most common until now. now and is foreshadowing its scale.
“Deploying a more sophisticated cyber weapon that compromises service and affects a hospital’s financial record could negatively affect ratings.”
LockBit Green Appears
Malware researchers who closely monitor communications between ransomware groups say LockBit reused the Conti encoder, launching it as LockBit Green.
According to experts, LockBit has shifted to prioritizing data filtering and combining its services and approaches to improve recruitment efforts.
According to a report by BleepingComputer, the use of an algorithm based on Conti’s source code has confused some researchers, but LockBit Green’s victims are starting to increase. One company conjectured that former Conti members preferred LockBit Green after the announcement because they were more “comfortable”.
Chris Fisher, director of security engineering at cybersecurity firm Vectra APJ, said the leaked 2021 Conti ransomware-as-a-service guidebook details how the bad guys caught it. heads move sideways in an environment to increase their chances of successfully encoding their target. Healthcare IT News that year.
New Nevada Ransomware
A new study reveals a new strain of ransomware emerged earlier this year with similarities to Petya designed to target Windows servers and VMware ESXi systems. It does not include English speaking affiliates and offers 85% or 90% payouts.
Resecurity said on its blog that Nevada is written in Rust and, like Hive, was recently hacked by the FBI. The company also said it purchased Linux and Windows-based versions of the new ransomware and discovered more recent updates that improve functionality in the affiliate portal.
“The project is well presented on the RAMP underground forum and has attracted interest from trusted cybercriminals, who may be joining them after shutting down other major ransomware networks,” according to the post. post.
Andrea Fox is the senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS.
