Healthcare orgs are being swamped with ransomware, FBI warns

Venus ransomware increasingly targeting healthcare firms, says FBI

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Healthcare organizations in the United States are under attack from the Venusransomware, the country’s Department of Health and Human Services (HHS) is warning.

In a report published by the Health Sector Cybersecurity Coordination Center (HC3), the HHS states that it is aware of at least one successful Venus attack against a public healthcare firm.

The problem with Venus’ operators, however, is that they’re not the usual double-whammy ransomware group - there is no data leak site, and the operators don’t seem to be interested in leaking the stolenintelonline.

No data leak site yet

“The operators of Venus ransomware are not believed to operate as a ransomware-as-a-service (RaaS) model and no associated data leak site (DLS) exists at this time,” the report reads.

Elsewhere in the report, it was said that Venus ransomware most likely started operating in August 2022, and has since encrypted numerous victims all over the globe.BleepingComputeradds that since August, new submissions were being uploaded to ID Ransomware every day, suggesting that the operators are quite active.

The malware works by terminating 39 processes associated with database servers andMicrosoftOffice applications. It targets publicly exposed Remote Desktop services, using them to gain initial access to the targetendpoints. Besides terminating processes, the ransomware also deletes event logs, Shadow Copy Volumes, and disables Data Execution Prevention.

Remote desktop services targeted by devious ransomware>The 10 worst ransomware attacks ever>Check out the best firewalls out there

Healthcare organizations are among the most popular targets for cybercriminals, especially since the outbreak of the coronavirus. Hospitals run countless computers, printers, and internet-connected smart devices, generating thousands of sensitive files. These devices are sometimes outdated and improperly secured, making for an ideal first-entry endpoint.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Furthermore, with the Covid-19 pandemic filling up every last space in hospitals, overworked healthcare workers are an easy target to prey on with phishing and social engineering attacks.

Besides Venus, healthcare organizations in the States were targeted by Maui, Zeppelin, Daixin, Quantum, and many other strains.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Windows PCs targeted by new malware hitting a vulnerable driver

Dangerous Android banking malware looks to trick victims with fake money transfers

Apple iMac 24-inch M4 (2024) review: the best, and most colorful, all-in-one computer levels up