Royal is one of the major ransomware gangs targeting healthcare, and the FBI and Cybersecurity and Infrastructure Security Agency gave tips for averting its attacks.
The three main takeaways from the agencies' March 2 advisory:
1. Prioritize remediating known exploited vulnerabilities.
2. Train users to recognize and report phishing attempts.
3. Enable and enforce multifactor authentication.
Royal hackers disable antivirus software before exfiltrating data and encrypting IT systems, according to the notice. They demand ransom ranging from $1 million to $11 million in Bitcoin.
"Reports show this is a highly sophisticated group, with many members being former Conti ransomware members — with them having familiarity with healthcare, having experienced team members and adding in the element that they have an effective attack methodology," Steven Ramirez, chief information security officer of Reno, Nev.-based Renown Health, told Becker's in a Feb. 2 story.