December 22, 2022 TLP:CLEAR Report: 202212221500 Executive Summary HC3 is closely tracking hacktivist groups which have previously affected a wide range of countries and industries, including the United States Healthcare and Public Health (HPH) sector. One of these hacktivist groups—dubbed ‘KillNet’—recently targeted a U.S. organization in the healthcare industry. The group is known to launch…
Just snarky or dangerous? Ransomware gang cloned victim’s website to leak stolen data
Ionut Ilascu reports: The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim’s site to publish stolen data on it. It appears that ALPHV, also known as BlackCat ransomware, is known for testing new extortion tactics as a way to pressure and shame their…
Why Do Ransomware Victims Pay for Data Deletion Guarantees?
Mathew J. Schwartz reports: Many ransomware-wielding attackers are expert at preying on their victims’ compulsion to clean up the mess. Hence victims often face a menu of options: Pay a ransom for a decryptor, and you’ll be able to unlock forcibly encrypted data. Pay more, and your name gets deleted from the list of victims…
New Data Quantifies Ransomware Attacks on Healthcare Providers
Hannah Neprash and Alan Z. Rozenshtein write: In a new JAMA Health Forum Original Investigation, we and our co-authors address this data gap. We have created the Tracking Healthcare Ransomware Events and Traits (THREAT) database, a comprehensive accounting of 374 ransomware attacks on U.S. healthcare delivery organizations from 2016-2021. To assemble this database we used…
Ransomware group claims to have encrypted Centro Médico Virgen De La Caridad
Hive has added yet another medical entity to its leak site. This time, it’s Centro Médico Virgen De La Caridad health system in Cartagena, Spain. The system consists of two hospitals (Cartagena and Caravaca), 20 polyclinics, 23 physiotherapy clinics, and 16 dental clinics throughout Murcia and Orihuela Costa. In addition, the group has one aesthetic…
Bristol Community College acknowledges ransomware attack
Stephen Peterson reports: The computer systems of Bristol Community College were hacked in a “ransomware” incident, college officials acknowledge. The college, which has a campus in Attleboro, said in a statement posted Friday on its website their computer network was hacked by a “criminal cyberattack” and “this incident involved ransomware encryption.” Read more at The…