Health

HC3 warns HCOs to step up against FIN11 cybercrime now

Photo of news7g news7g06/20/2023
1 1 minute read
HC3 warns HCOs to step up against FIN11 cybercrime now



Given FIN11’s history of conducting extensive campaigns exploiting zero-day vulnerabilities to steal data and deploying ransomware in software commonly used in healthcare, the HCOs should “consider FIN11 a top priority for their security teams.”

WHY IT IMPORTANT

HC3 released a new threat agent profile last week on FIN11, a cybercrime collective originating from the Commonwealth of Independent States.

The agency said in the filing: “FIN11 typically conducts high-volume operations that primarily target companies in various industries in North America and Europe to steal data and deploy deploying ransomware, mainly taking advantage of CL0P (aka CLOP)”.

FIN11 overlaps with Odinaff, Sectoj04, TA505, TEMP.Warlock, Lace Tempest, DEV-0950 Hive0065 and Group G0092; HC3 Analysts lists several malware associations and all known tactics, techniques, and processes.

According to a report in HIPAA Magazine.

TREND TO BIGGER WOMAN

HC3 says the recent zero-day exploit in secure managed file transfer software MOVEit Transfer was caused by FIN11.

“The list of organizations that disclosed data breaches following these attacks includes the national public healthcare system,” the analysts said.

Last week, a joint advisor from the Cybersecurity and Infrastructure Agency and the FBI warned health and other systems about the Clop MFT TTP ransomware.

The CISA brief states that CL0P is using LEMURLOOT, a web shell written in C# designed to target the MOVEit Transfer platform, and has added the vulnerability to the List of Known Exploits.

ON PROFILE

While HC3 cannot confirm exactly how many and which CL0P ransomware attacks can be attributed to FIN11, HC3 has observed about 30 incidents involving CL0P ransomware in the United States. [healthcare and public health sector] as of 2021,” the agency said in the report.

“These affected organizations either provide direct patient care or are considered health plans and/or payers.”

Andrea Fox is the senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS Media.

Photo of news7g news7g06/20/2023
1 1 minute read
Photo of news7g

news7g

News7g: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

CMS proposed rule would increase hospital price transparency

CMS proposed rule would increase hospital price transparency

08/14/2023
Walgreens won't sell the abortion pill mifepristone in some conservative states

Walgreens sells Option Care Health shares for $330 million

06/11/2023
Reducing calories by only 14% boosts your health

Reducing calories by only 14% boosts your health

02/25/2022
HHS will distribute Tamiflu to the states from the national stockpile

HHS will distribute Tamiflu to the states from the national stockpile

12/21/2022
Back to top button