The Cybersecurity and Infrastructure Security Agency warned about ransomware activity targeting healthcare agencies and the public health sector. The warning, which was published Oct. 28, and was updated to included information on Conti, TrickBot, and BazarLoader, including new IOCs and Yara Rules for detection.
“This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS). This advisory describes the tactics, techniques, and procedures (TTPs) used by cybercriminals against targets in the Healthcare and Public Health (HPH) Sector to infect systems with ransomware, notably Ryuk and Conti, for financial gain.”
“CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.”
“Click here for a PDF version of this report.
Click here to read the full warning including technical details about the threat.