Secuzine

spot_img

Father of Molly Russell honoured with MBE for contributions to online child safety

Ian Russell acknowledged his contribution to online child safety through the establishment of the Molly Rose Foundation, reflecting on Molly's legacy. He emphasises the...

Healthcare Providers Hit by BlackCat Ransomware, Sparking Data Security Concerns

In a recent cybersecurity incident that has sent shockwaves through the healthcare industry, the EHR and integrated healthcare IT vendor, NextGen Healthcare, fell victim to the notorious BlackCat ransomware group. This new ransomware variant believed to operate since late 2021, has raised serious data security concerns within the healthcare sector.

Operations at NextGen Healthcare have since been restored to normal, according to the company’s official statement. The BlackCat ransomware group, also known as ALPHV, is suspected to be a successor to the infamous BlackMatter, and their demands have reached staggering heights, with ransoms reportedly as high as $1.5 million. The Office of Information Security at the U.S. Health and Human Services and the Health Sector Cybersecurity Coordination Center have revealed that affiliates of BlackCat typically retain 80-90% of the ransom payments.

The Russian-based BlackCat ransomware group made headlines earlier this year for allegedly targeting NextGen Healthcare on January 17, as reported by The Washington Post. BlackCat ransomware took responsibility for the attack, even showcasing an alleged sample of NextGen information on its extortion site—an often-used tactic to pressure victims into paying ransoms. However, this listing was later removed, as initially reported by Databreaches.net on January 21.

According to a joint briefing by the Office of Information Security (OIS) and Health Sector Cybersecurity Coordination Center (HC3), the individuals behind BlackCat ransomware are believed to be highly skilled and experienced cybercriminals. They have targeted critical infrastructure worldwide, with a particular focus on U.S.-based entities.

This malicious group employs triple extortion tactics, involving gaining unauthorized access, stealing data, encrypting it, and then threatening to leak the data alongside distributed denial of service (DDoS) attacks.

The emergence of BlackCat comes in the wake of the BlackMatter ransomware-as-a-service going silent in October 2021. It rebranded as BlackCat early the following year, launching two attacks on German oil companies. Despite BlackMatter’s apparent cessation, the HC3 warned in February 2022 that other threat actors seeking lucrative payouts from ransomware attacks are likely to fill the void left behind.

Recent findings from the Ponemon Institute revealed that the most prevalent impact reported by healthcare providers is an increase in patients being transferred or diverted to other facilities, affecting 70% of those surveyed. Ransomware has become a persistent and evolving threat to the healthcare industry, emphasizing the need to maintain strong cybersecurity measures to protect patient data.