Davey Winder reports:
There are two types of scumbag in the cybercrime world: those who pick on vulnerable individuals to perpetrate their fraud, and those who target healthcare in search of illicit financial gains. The latter are, thankfully, much rarer than the former. However, hospitals have been on the ransomware and hacking radar before now, and I have had the disheartening task of reporting on them. The New York Blood Center attack, a million patient records exfiltrated by hackers, and even an FBI warning regarding patient hardware backdoors. Now, a new threat intelligence report has revealed how financially motivated Chinese cybercriminals are targeting government offices, the energy sector, factories, financial services, and, yes, hospitals across the globe. However, North America and the U.K. have been most attacked by the Ghost ransomware hackers.
According to a new report from Rebecca Harpur at Blackfog, the Ghost threat campaigns are operated by a financially motivated group from China and don’t have any known state affiliations. These attacks are, Hurpur said, “driven by profit rather than espionage.” It’s also known that Ghost has gone by many other names over the years, before ending up at this one: Cring, Crypt3r and Hello, as well as a closely related Phantom moniker. “By constantly rebranding,” Harpur explained, “Ghost makes it more difficult for authorities to pin down its activities as one group.”
Read more at Forbes.