Lawmakers stumble on data privacy as another tech CEO to testify
US announces it seized Hive ransomware gang’s leak sites and decryption keys
The infrastructure behind Hive, one of the most prolific ransomware operations, has been seized by law enforcement agencies in the United States and Europe. Hive saw its dark web portal seized as part of a coordinated law enforcement action carried out by the U.S. Department of Justice, the FBI, Secret Service and several European government agencies, just months after the federal government’s cybersecurity unit CISA sounded the alarm about Hive’s ongoing extortion efforts.
Protecting Against Malicious Use of Remote Monitoring and Management Software
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) (hereafter referred to as the “authoring organizations”) are releasing this joint Cybersecurity Advisory (CSA) to warn network defenders about malicious use of legitimate remote monitoring and management (RMM) software. In October 2022, CISA identified a widespread cyber campaign involving the malicious use of legitimate RMM software. Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate RMM software—ScreenConnect (now ConnectWise Control) and AnyDesk—which the actors used in a refund scam to steal money from victim bank accounts.
Hacking Accounted For Nearly 80% of Healthcare Data Breaches Last Year
Nearly 80 percent of healthcare data breaches reported to the HHS Office for Civil Rights (OCR) in 2022 were attributed to hacking and IT incidents, Fortified Health Security noted in its “2023 Horizon Report,” signifying a 45 percent increase from just five years ago. What’s more, 70 percent of reported breaches (impacting more than 500 individuals each) affected healthcare providers, with business associates and health plans making up a much smaller portion of the total number of impacted entities.
CISA’s Jen Easterly wants to protect US hospitals following spate of ransomware attacks
Three and a half years ago, the Springhill Medical Center in Mobile, Alabama, became the target of Russian-based cybercriminals known as the Ryuk gang and Wizard Spider. The hackers locked up all the hospital’s computers, medical records and equipment when Springhill refused to pay a ransom. It’s one example out of hundreds in the past three years of cyber hackers attacking unsuspecting hospitals and medical centers knowing that if those hospitals’ systems are down, lives can be lost.