Cybercriminal gang RansomHub has encrypted and stolen data from at least 210 victims, including in healthcare and public health, since forming in February, according to an Aug. 29 notice from the Cybersecurity and Infrastructure Security Agency. The group was reportedly behind the hack of Change Healthcare that has been called the largest-ever cyberattack in healthcare.
The ransomware-as-a-service variant’s affiliates practice so-called double extortion, where they both encrypt and exfiltrate data. They typically give victims three to 90 days to pay ransom before publishing the stolen information to the dark web.
CISA recommends that organizations install operating system, software and firmware updates upon their release, require phishing-resistant (i.e. nontext-based) multifactor authentication for as many services as possible, and train staff to recognize and report phishing attempts.
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
