The American Hospital Association is warning hospitals to be on the lookout for a ransomware group that uses double-extortion tactics.
The FBI, Cybersecurity and Infrastructure Security Agency and Australian Cyber Security Centre released a joint advisory June 4 on the Play ransomware group, which has hacked about 900 victims worldwide across business and critical infrastructure since 2022. Employing a double-extortion model, the group both steals data and encrypts systems, according to the report.
“Play ransomware was among the most active cyberthreat groups in 2024,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk, in a June 5 news release. “As threat actors shift tactics, it is critical that network defenders keep pace. The double-layered extortion model and encryption of systems, as well as theft of data, pose a serious potential risk to hospitals and the delivery of healthcare.”
