Today, the FBI, CISA, and the Department of Health and Human Services (HHS) have issued a warning to healthcare organizations in the United States about targeted ALPHV/Blackcat ransomware attacks.
According to the joint advisory, ALPHV Blackcat affiliates have primarily focused on attacking the healthcare sector.
This latest warning comes after an FBI flash alert in April 2022 and another advisory in December 2023 that provided details about the activities of the BlackCat cybercrime gang. The group emerged in November 2021 and is suspected to be a rebrand of the DarkSide and BlackMatter ransomware groups.
During its initial four months of operation (between November 2021 and March 2022), the FBI has linked BlackCat to more than 60 breaches. The gang is believed to have collected at least $300 million in ransoms from over 1,000 victims until September 2023.
In today’s joint advisory, the three federal agencies revealed that since mid-December 2023, the healthcare sector has been the most frequently targeted among nearly 70 leaked victims. This surge in attacks is likely due to a post from the ALPHV Blackcat administrator, which encouraged affiliates to focus on hospitals following operational actions against the group and its infrastructure in early December 2023.
The FBI, CISA, and HHS strongly advised healthcare organizations to take precautions and enhance their cybersecurity measures. It is crucial for these organizations to be vigilant, implement robust security protocols, regularly update their systems, and educate their staff about potential threats.
By taking proactive steps to protect themselves from ransomware attacks, healthcare organizations can safeguard sensitive patient information, maintain continuity of care, and avoid potential financial losses.
