The US government has warned the healthcare sector that it is now the biggest target of the BlackCat ransomware group.
The joint advisory from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS), noted of the nearly 70 leaked victims of BlackCat since mid-December 2023, healthcare has been the most commonly victimized industry.
This follows a post by a BlackCat administrator encouraging affiliates to target hospitals in early December in response to law enforcement action taking down the Russian-speaking group’s leak site.
The group appeared to “unseize” its leak site shortly after the announcement.
BlackCat, also known as ALPHV, is reportedly behind the ongoing cyber incident affecting health tech firm Change Healthcare, which was first reported on February 21.
BlackCat Adapts Techniques Following Law Enforcement Operation
The advisory said that BlackCat actors are employing improvised communication methods by creating victim-specific emails to notify of the initial compromise.
For example, affiliates offer to provide unsolicited cyber remediation advice as an incentive for making a payment, such as “vulnerability reports” and “security recommendations” to prevent future attacks.
No tags.
