Rhysida Ransomware Trains Its Sights on Healthcare Operations

  /     /     /  
Publicated : 23/11/2024   Category : security


Rhysida Ransomware Trains Its Sights on Healthcare Operations


The new group has already made an impact in multiple countries and industries, including a multistate hospital chain in the US.



Government agencies and cybersecurity firms are on being more vigilant after the US Department of Health and Human Services (HHS) detailed an alert with an overview of Rhysida ransomware.
Rhysida is a ransomware-as-a-service (RaaS) group that is still in its early stages of development, first emerging in May.
According to the alert
, the group drops the ransomware through phishing attacks and Cobalt Strike to breach targets networks and deploy their payloads. It then exploits its victims by calling for a ransom, threatening to publicly distribute the stolen data if the group is not paid. PDF notes are left on the folders that have been affected in the network, with instructions on how to contact the group and make Bitcoin payment.
The victims of the group span various countries in Western Europe, both North and South America, and Australia. Rhysida targets education, government, manufacturing, and technology and managed service sectors, and it has expanded into the
healthcare sector
in its
most recent expansion
.
The group was responsible for a recent cyberattack against Prospect Medical Holdings, leading to a system-wide outage that affected
16 hospitals
in California, Connecticut, Pennsylvania, and Rhode Island, as well as over 160 clinics in the US. In addition to this, a healthcare operation in Australia was listed on Rhysidas Dark Web site, given a week to pay the ransom before its stolen data was leaked to the public.
Its not surprising that Rhysida is targeting the healthcare sector, which holds valuable patient data and faces pressure to pay and restore lifesaving services quickly, wrote Jess Parnell, VP of security operations at Centripetal, in an emailed statement. In order to protect against ransomware attacks, healthcare operators should implement the basics of good cyber defense — adopt least-privileged access to sensitive information, train employees to identify phishing and other social engineering attacks, and keep all software patches up to date.
HHS recommends that healthcare organizations recognize the threat of these cybergroups,
educate and train their staff
, assess enterprise risk against potential vulnerabilities, and
develop a cybersecurity roadmap.

Last News

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Rhysida Ransomware Trains Its Sights on Healthcare Operations