Cyber Security Today, Nov. 29, 2023 – More ransomware attacks on the healthcare sector

Share post:

More ransomware attacks on the healthcare sector.

Welcome to Cyber Security Today. It’s Wednesday, November 29th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

The healthcare sector continues to be a popular target of ransomware gangs. In the latest incidents Ardent Health Service, which runs 30 hospitals in Texas, New Mexico, Oklahoma and New Jersey had to divert some emergency room patients to other area hospitals after a ransomware attack. The attack started on Thanksgiving Day. Ardent has had to shut down a number of its IT systems, including its health care records.

Meanwhile for the second time in two months an American distributor of medical products called Henry Schein Inc. has been hit by the BlackCat/AlphV ransomware gang. “The threat actor from the previously disclosed cyber incident has claimed responsibility,” the company said in a statement last week. In an update issued Monday the company said it has restored its e-commerce platform in the U.S., and expects to be back online in other countries soon. The suspicion is the gang re-encrypted the company’s files when ransom negotiations stalled. Researchers at BlackFog note the company is no longer on the gang’s ransomware list of victims, possibly indicating negotiations resumed or a ransom was paid.

Separately, as part of a continuing crack-down on ransomware gangs authorities in Ukraine arrested a man man allegedly behind a group that deployed four strains of ransomware against organizations in 71 countries. The Europol police co-operative said the arrest took place last week, which also saw four others detained. The gang’s tactics included brute force attacks, SQL injection attacks and sending emails with infected attachments.

Here’s a factoid for thought: According to BlackBerry’s November threat intelligence report, 52 per cent of the new software holes listed in the National Vulnerability Database had a severity score of 7 or more out of 10. Fifteen per cent of vulnerabilities had a score of 9. Question: Does your IT department have a process for determining how fast a critical vulnerability is patched?

Here’s another set of factoids: Researchers at Hornetsecurity looked at 45 billion emails that went through its systems in the past year. More than one-third of the messages were categorized as unwanted. Of those 3.6 per cent had either malicious phishing or web links. Question: Does your IT department have solutions for effectively scanning emails for malicious content?

Here’s another piece of data I pulled from a report: There’s been a ten-times increase in the number of deepfake videos, audio recordings or documents detected in the past 12 months. That’s according to researchers at Sumsub in their annual Identity Fraud Report. Question: Does your IT department have solutions for detecting synthetically generated fraud documents?

iPhone owners who have updated to iOS 17 should think about changing the default setting of a new feature called NameDrop. According to researchers at BuddoBot, it allows users to easily share their contact info by bringing iPhones close together. However, having the capability turned on all the time is a privacy risk. All proximity-based data-sharing features on any mobile device should be turned off until they are needed.

Finally, if you use the Google Chrome browser there’s an emergency update to be installed. You should be running version 119.0.6045.200.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Nov. 29, 2023 – More ransomware attacks on the healthcare sector first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

Microsoft faces criticism for managing of vulnerability disclosure

Microsoft is criticized for its handling of bug reporting with critics saying, “they just don’t seem to get...

FBI rapidly hacks into Trump shooter’s phone, raises privacy concerns

Just two days after the attempted assassination at a Trump rally, the FBI announced it had gained access...

Disney investigating a potential major leak of internal communications

Disney is investigating a significant data breach by the hacking group Nullbulge, which claims to have accessed and...

Kaspersky to shut down its US business due to sanctions

Russian cybersecurity firm Kaspersky Lab announced it will cease its U.S. operations starting July 20, following sanctions from...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways