Here are the most active cyber threats facing healthcare, according to a January report from BlackBerry Cybersecurity Consulting that used telemetry to detect malware between September and November 2022.
— TA505 is a cybercrime group known for sending large amounts of malicious email, with a variety of malware at its disposal, and uses Locky ransomware as its primary tool for attacks.
— APT32, believed to be based in Vietnam, has operated since at least 2014 and employs strategic web compromise, remote access trojans, and steganography, or hiding secret data in another file, to embed malicious payload in a PNG image.
— TA542 is a cybercriminal group believed to have helped create the Emotet malware, and is atypical in that it typically takes breaks for several months before returning with a new variant.