Morning Tick
  • Latest News
    • Bitcoin
    • Ethereum
    • Ripple and XRP
    • Fintech
    • Altcoins
  • Market Analysis
  • Resources
  • Contact
    • About Us
    • Press Toolkit
Facebook Twitter Instagram
Morning Tick
  • Latest News
    • Bitcoin
    • Ethereum
    • Ripple and XRP
    • Fintech
    • Altcoins
  • Market Analysis
  • Resources
  • Contact
    • About Us
    • Press Toolkit
Facebook Twitter Instagram
Morning Tick
Emotet

US Federal authorities issue advisory over ransomware attacks targeting healthcare sector

Manas PimpalkhareBy Manas PimpalkhareUpdated:November 11, 2020 on November 11, 2020
US Federal authorities issue advisory over ransomware attacks targeting healthcare sector
Image credit: Pixabay
Share
Reddit Facebook Twitter LinkedIn Pinterest WhatsApp Email

Three US Federal authorities – the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) – jointly issued an advisory about the threat of ransomware attacks against the healthcare system in the US. This advisory detailed the tactics and techniques used by ransomware group Ryuk to infiltrate, encrypt, and extort the healthcare system. 

All three agencies have received information about imminent threats to US hospitals and healthcare providers. They have also asked the members of the healthcare sector to exercise greater caution in their cybersecurity. 

The advisory specifically stated that malicious cyberattackers are targeting the healthcare industry using Trickbots, which would lead to ransomware attacks and large amounts of data theft. Organizations which are catering to the needs of Covid-19 patients would have a tough time catering to their cybersecurity needs. 

Trickbot and Ryuk

The advisory given by the federal agencies contains the modus operandi of the Trickbot malware, which is often an accomplice to a Ryuk ransomware attack. Trickbot was originally used as a trojan horse for banking scams but has now widened its scope by being a delivery agent of ransomware. 

CISA discovered several backdoors within the Trickbot malware, which allowed hackers to send and receive data from victim machines. An example of such tools is the Anchor_DNS tool. 

Once successfully inside the system, Trickbot lays itself in specific directories and disguises itself as a “.exe” file with a randomly generated name. 

Trojan malware like Emotet and Trickbot usually carry a ransomware package with them, which begins encrypting a victim system upon delivery. Ryuk is one of the most dangerous ransomware groups active in the world today. It is a mutation of the Hermes 2.1 ransomware and has been proactive on the block since August 2018. 

Ryuk infiltrates the system by stealing important credentials using PowerShell and CobaltStrike tools, which use brute force tactics to churn passwords and gain access to a system. The federal advisory details the method of Ryuk’s offensive, and mentions the MITRE ATT&CK techniques used. 

The advisory comes only weeks after the brutal attack on the Universal Health Services (UHS) hospitals by Ryuk, which left nearly 400 healthcare locations in the US and UK useless. 

According to AP, “Independent security experts say it has already hobbled at least five U.S. hospitals this week, and could potentially impact hundreds more.”

“We are experiencing the most significant cybersecurity threat we’ve ever seen in the United States,” Charles Carmakal, chief technical officer of the cybersecurity firm Mandiant, said in a statement. 

Private security firms are expected to be on high alert after the issuance of this advisory. 

Emotet Malware Ransomware Security United States
Disclaimer
Read More Read Less
The information provided on this website shouldn’t be considered as investment, tax, legal, or trading advice. Morning Tick is not an investment advisory platform, nor do we intend to be. The publication, its’s management team, or authored-by-line doesn’t seem liable for your personal financial losses, which may be due to your panic decisions based on the content we published. We strongly recommend considering our stories as just a piece of information, unlike advice, recommendations, or requests. Some of the contents may get outdated, updated, or inaccurate despite our profound editorial policies. We urge readers to do their due diligence before making any investments decision with ongoing IDOs, ICOs, IEOs, or any other kind of financial offerings. Few outbound links may be commissioned or affiliated, which helps us grow financially and maintain healthy editorial norms. For more information, visit disclaimer page.
Share. Facebook Twitter Pinterest LinkedIn Email Reddit WhatsApp
Previous ArticleNew Crypto regulations in Malaysia come into effect
Next Article Wealthtech platform Quantifeed completes series B+ round of investment
Manas Pimpalkhare
  • Twitter

Aspiring Tech Journalist, Lawyer-to-be, has a keen interest in cybercrime and disruptive tech like AI, 5G, and crypto.

Recommended Posts

Crypto community is white and male but not for long, Gemini study reveals

April 30, 2021

New York AG bans Tether, Bitfinex over false claims about USD backing and losses

February 23, 2021

Bitcoiner alerts ‘overconfident HODLers’ after losing 2.6 BTC

January 11, 2021

The 10 Biggest Data Breaches that grabbed attention in 2020

December 24, 2020
Add A Comment

Comments are closed.

Latest

Introducing Lucky Mystery Box, Crypto lottery based on TRON with a prize pool of 1M USDT

2 months ago

GlobalDots joins forces with Coralogix to save companies 40-70% on full-stack observability costs, launching a debut CDN log management solution

3 months ago

KX.finance announces upcoming DeFi/DEX aggregator launch on APTOS/SUI blockchain

5 months ago

HyperBC Group unveils Zero interest Crypto Credit Card HyperCard, obtains Lithuanian Financial License

5 months ago

Unplugged launches its mobile App Suite to help consumers reclaim their privacy

5 months ago
Morning Tick
Facebook Twitter Instagram Pinterest RSS
  • About Us
  • Press Toolkit
  • Disclaimer
  • Contact Us
  • Privacy Policy
  • Sitemap
© 2023 Morning Tick. Disclaimer: The information provided on this website shouldn't be considered as investment, tax, legal, or trading advice.

Type above and press Enter to search. Press Esc to cancel.