
Feds warn healthcare providers of ‘exceptionally aggressive’ ransomware group

by admin

The U.S. Department of Health and Human Services’ cybersecurity arm released a warning this week about the ransomware group Hive.  

Described as an “exceptionally aggressive, financially motivated ransomware group,” Hive has frequently targeted healthcare organizations, said the Health Sector Cybersecurity Coordination Center in its analyst note.  

“HC3 recommends the Healthcare and Public Health Sector be aware of their operations and apply appropriate cybersecurity principles and practices found in this document in defending their infrastructure and data against compromise,” said the agency.  


Hive has only been operational since June 2021, the agency explained, but it has spent the intervening months aggressively targeting the U.S. healthcare sector.   

It cited reports of Hive affiliates breaching more than 350 companies over just four months – an average of three companies a day.

The analyst note highlighted several operational features of Hive, including:

“Double extortion,” or conducting data theft before encryption.
Ransomware-as-a-service model.
The use of the Golang language, as well as common infection vectors such as RDP and VPN compromise, along with phishing.
Encrypted files ending with a .hive, .key.hive or .key extension.
Phone calls to some victims pressuring them to pay and conduct negotiations. 
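
The file extensions HC3 lists can feed a file-creation detection. The Python below is an added example, not code from HC3 or Healthcare IT News; the event format, host names, time window and threshold are assumptions, and the sample events are constructed. Because .key is also used by legitimate key files, it only counts toward an alert when a .hive or .key.hive file appears in the same burst.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Extensions the HC3 note lists for Hive-encrypted files.
STRONG = (".key.hive", ".hive")  # distinctive suffixes
WEAK = (".key",)                 # also common for legitimate private-key files

def classify(path):
    """Return 'strong', 'weak' or None for a file path (case-insensitive)."""
    name = path.lower()
    if name.endswith(STRONG):
        return "strong"
    if name.endswith(WEAK):
        return "weak"
    return None

def find_bursts(events, window=timedelta(seconds=60), threshold=3):
    """events: (iso_timestamp, host, path) file-creation records (assumed format).
    Alert on a host when at least `threshold` matching files appear within
    `window` and at least one has a strong suffix. Returns
    {host: (matches_in_window, strong_matches_in_window)}."""
    per_host = defaultdict(list)
    for ts, host, path in events:
        kind = classify(path)
        if kind:
            per_host[host].append((datetime.fromisoformat(ts), kind))
    alerts = {}
    for host, hits in per_host.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward
            in_win = hits[start:end + 1]
            strong = sum(1 for _, k in in_win if k == "strong")
            if strong >= 1 and len(in_win) >= threshold:
                alerts[host] = (len(in_win), strong)
                break
    return alerts

SAMPLE_EVENTS = [  # constructed sample data, not real telemetry
    ("2022-04-20T02:14:01", "ehr-fs01", r"D:\records\scan_0412.pdf.hive"),
    ("2022-04-20T02:14:03", "ehr-fs01", r"D:\records\intake.docx.hive"),
    ("2022-04-20T02:14:05", "ehr-fs01", r"D:\records\a1b2.key.hive"),
    ("2022-04-20T09:00:00", "web01", "/etc/ssl/private/site.key"),
    ("2022-04-20T09:00:02", "web01", "/etc/ssl/private/api.key"),
    ("2022-04-20T09:00:04", "web01", "/etc/ssl/private/mail.key"),
    ("2022-04-20T11:30:00", "ws-17", r"C:\Users\jo\notes.hive"),
]

if __name__ == "__main__":
    print(find_bursts(SAMPLE_EVENTS))
```

On the sample data only ehr-fs01 alerts: the certificate rollout on web01 is all weak matches, and the single .hive file on ws-17 never reaches the threshold.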

“Like some other ransomware variants, Hive searches victim systems for applications and processes which backup data and terminates or disrupts them. This includes deleting shadow copies, backup files and system snapshots,” said HC3.  

The analysts noted that although much of Hive’s operations are typical for ransomware operators, they also “have a set of unique capabilities which make them especially noteworthy” – particularly the wide variety of tactics, techniques and procedures.

HC3 advised organizations to rely on practices including two-factor authentication, sufficient data backups, continuous monitoring, an active vulnerability management program and comprehensive endpoint security.  


HC3 isn’t the only federal agency to sound the alarm on Hive.

Back in September, the U.S. Federal Bureau of Investigation issued a flash warning about the gang – shortly after the group attacked healthcare organizations in Missouri and Ohio.  

There are of course other bad actors out there. HC3 also issued an alert this month about Lapsus$, described as “effective, but also unprofessional and careless.”  

“The geographic diversity of this group will make them especially difficult to permanently quash,” HC3 said about the group.  


“When defending against Hive or any other ransomware variant, there are standard practices that should be followed,” said HC3. “Prevention is always the optimal approach.”

Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Healthcare IT News is a HIMSS Media publication.

Source : Healthcare IT News
