Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label U.S. healthcare. Show all posts

Healthcare in Crosshairs: ALPHV/Blackcat Ransomware Threat Escalates, FBI Issues Warning

 

In a joint advisory, the FBI, CISA, and HHS have issued a stark warning to healthcare organizations in the United States about the heightened risk of targeted ALPHV/Blackcat ransomware attacks. This cautionary announcement follows a series of alerts dating back to April 2022 and underscores the severity of the threat posed by the BlackCat cybercrime gang, suspected to be a rebrand of infamous ransomware groups DarkSide and BlackMatter. 

The advisory highlights that ALPHV Blackcat affiliates have shown a notable focus on the healthcare sector. The FBI, in particular, has linked BlackCat to over 60 breaches within its first four months of activity, accumulating a staggering $300 million in ransoms from over 1,000 victims up until September 2023. Recent developments indicate a shift in BlackCat's targeting strategy, with the healthcare sector becoming a prime victim since mid-December 2023. This shift aligns with an administrator's call for affiliates to target hospitals following operational actions against the group and its infrastructure earlier that month. 

Notably, the warning coincides with a cyberattack on UnitedHealth Group subsidiary Optum, affecting Change Healthcare, a crucial payment exchange platform in the U.S. healthcare system. Although not confirmed, the attack has been linked to the BlackCat ransomware group, and sources suggest the threat actors exploited the ScreenConnect auth bypass vulnerability (CVE-2024-1709) for initial access. 

The joint advisory emphasizes the critical need for healthcare organizations, considered part of the nation's critical infrastructure, to implement robust mitigation measures against Blackcat ransomware and data extortion incidents. Authorities urge these entities to bolster cybersecurity safeguards, specifically tailored to counteract prevalent tactics, techniques, and procedures commonly employed in the Healthcare and Public Health (HPH) sector. This development underscores the evolving nature of cyber threats, especially within the healthcare landscape, and the necessity for proactive measures to safeguard sensitive patient data and critical infrastructure. 

The FBI, CISA, and HHS have shared indicators of compromise to assist organizations in identifying potential threats, emphasizing the importance of collaboration to combat the persistent and evolving threat posed by ransomware groups like BlackCat. As the healthcare sector grapples with escalating cyber risks, the advisory serves as a stark reminder of the urgent need for comprehensive cybersecurity measures, including timely patching of vulnerabilities and robust incident response plans. Organizations are encouraged to stay vigilant, collaborate with cybersecurity agencies, and prioritize the security of their networks and systems to mitigate the impact of ransomware attacks. 

The U.S. State Department's substantial rewards for information leading to the identification or location of BlackCat gang leaders underscore the severity of the threat and the government's commitment to dismantling these cybercriminal operations. In this high-stakes environment, the healthcare industry must remain resilient, continually adapting to emerging threats, and fortifying its defenses against ransomware attacks.

Chinese Firms Infiltrate into U.S. Healthcare Data

 

The gulf between the two most powerful nations has widened after the United States National Counterintelligence and Security Center (NCSC) revealed that Chinese firms have secured access to U.S. healthcare data by collaborating with universities, hospitals, and various other research organizations.

According to the reports of the agency the People’s Republic of China (PRC) has successfully managed to infiltrate the US healthcare data, including genomic data via a variety of sources both legal and illegal. The agency also claimed that by securing access to the U.S. healthcare data, China is expanding the growth of its Artificial Intelligence and precision medicine firms.

NCSC wrote in a fact sheet that “for years, the People’s Republic of China (PRC) has collected large healthcare data sets from the U.S. and nations around the globe, through both legal and illegal means, for purposes only it can control. The PRC’s collection of healthcare data from America poses equally serious risks, not only to the privacy of Americans but also to the economic and national security of the U.S.”.

According to the agency, China’s access to the US healthcare and genomic data have raised serious concerns regarding the privacy and national security of the United States, there has been an escalation in the efforts of China during the Covid-19 pandemic with Chinese biotech firm offering Covid-19 testing kits to the majority of the nations and setting up 18 test labs in the past six months, allegedly as part of an attempt to secure health data. 

The agency wrote, “the PRC understands the collection and analysis of large genomic data sets from diverse populations helps foster new medical discoveries and cures that can have substantial commercial value and advance its precision medicine industries”.

The Chinese government is using health data and DNA as a weapon to suppress and control its own people, in the Xinjiang province of China the Uighur population had been forced to give fingerprints, blood groups, and other private data.