#RansomwareResponse

The story behind the Health Infrastructure Security and Accountability Act

by

October 29, 2024 at 12:11PM In February 2024, Change Healthcare suffered a ransomware attack, impacting 110 million individuals and exposing sensitive data. The incident prompted U.S. Senate legislation, the Health Infrastructure Security and Accountability Act (HISAA), aiming to enforce stricter cybersecurity standards in healthcare. HISAA includes compliance audits and funding for enhanced security. ### Meeting … Read more

US healthcare org admits up to 400,000 people’s personal info was snatched

by

October 14, 2024 at 06:13PM Gryphon Healthcare reported a data breach affecting up to 400,000 individuals, compromising sensitive patient information including personal and medical data. The incident was detected on August 13, with notifications sent to victims shortly after. Legal actions are underway, as class-action lawsuits emerge following similar healthcare data breaches. ### Meeting Notes … Read more

Rubrik Partners With Mandiant for Cyber Resilience and Accelerated Incident Response Recovery

by

August 9, 2024 at 01:12PM Rubrik, Inc. announces a partnership and technology integration with Mandiant, aiming to enhance threat detection and cyber recovery for customers. The collaboration integrates Mandiant’s threat intelligence into Rubrik’s security cloud, enables clean room recovery powered by Google Cloud, and provides joint ransomware and incident response teams. This partnership seeks to … Read more

Companies Struggle to Recover From CrowdStrike’s Crippling Falcon Update

by

July 26, 2024 at 06:59PM CrowdStrike’s update caused widespread disruption, particularly in healthcare, with over half of the Health Information Sharing and Analysis Center affected. Recovery efforts continue, with only 18% fully recovered as of July 25. Microsoft released a USB Recovery Tool, but some systems, especially in healthcare, require manual intervention. The outage may … Read more

Uncle Sam urges action after Black Basta ransomware infects Ascension

by

May 13, 2024 at 02:37PM Several US security agencies have issued advisories on the Black Basta ransomware gang, responsible for a recent attack on US healthcare provider Ascension. The group has targeted organizations across critical infrastructure sectors, including healthcare. Affected organizations are urged to apply recommended mitigations and report incidents to law enforcement. Ascension is … Read more

Ransomware negotiator weighs in on the extortion payment debate with El Reg

by

May 12, 2024 at 04:11PM Last year saw a record high in ransomware attacks, affecting over 4,500 victims. Drew Schmitt, a professional negotiator for ransomware incidents, discussed evolving tactics of criminal gangs and the debate over banning ransom payments. Schmitt emphasized the complexity of the issue and the need for a multi-pronged approach to combating … Read more

City of Wichita shuts down IT network after ransomware attack

by

May 6, 2024 at 10:36AM Wichita, Kansas, faced a ransomware attack, prompting the shutdown of parts of its network. The attack occurred on May 5th, resulting in encrypted IT systems. No data theft has been confirmed, but the city is conducting a detailed review. The online payment systems are down, with emergency services still operational. … Read more

INC Ransom claims responsibility for attack on NHS Scotland

by

March 28, 2024 at 06:30AM NHS Scotland contained a ransomware attack to a regional branch, preventing its spread across the institution. The INC Ransom group claimed responsibility, leaking sensitive patient and staff data. The Scottish Government is collaborating with law enforcement to assess the breach’s impact. Healthcare is a prime target for cybercriminals due to … Read more

After LockBit, ALPHV Takedowns, RaaS Startups Go on a Recruiting Drive

by

March 20, 2024 at 11:27AM Law enforcement action against ransomware groups has not eradicated them, but it has disrupted the cyber underground and created distrust among criminals. Based on the meeting notes, the key takeaway is that while law enforcement action has not completely eradicated ransomware groups, it has disrupted the cyber underground and fostered … Read more

Cyberattack Disrupts Production at Varta Battery Factories

by

February 15, 2024 at 10:51AM Germany’s Varta disclosed a cyberattack disrupted production at five plants, affecting IT systems and administrative processes. The extent of damage is uncertain, with a task force formed to restore normal operations and work with cyber security experts. Varta’s global presence and impact on battery production is highlighted. Suspicion of a … Read more