[BreachExchange] FBI: Conti Ransomware Gang Behind Ireland Attack Also Hit 16 U.S. Health and Emergency Networks

Audrey McNeil audrey at riskbasedsecurity.com
Mon May 24 18:35:29 EDT 2021


https://gizmodo.com/fbi-conti-ransomware-gang-behind-ireland-attack-also-h-1846946291


The same hackers that took down the Irish health system last week also hit
at least 16 U.S. medical and first responder networks in the past year,
according to a Federal Bureau of Investigation alert made public Thursday
by the American Hospital Association.

As first spotted by the security news site Bleeping Computer, the FBI Cyber
Division said these hackers used the strain of ransomware known as Conti to
target law enforcement agencies, emergency medical services, 9-1-1 dispatch
centers, and municipalities in the U.S. Ransomware is a type of malicious
software that breaks into a victim’s devices and encrypts their files so
cybercriminals can then extort payment in exchange for restoring access.

The FBI didn’t name specific victims of these breaches or whether ransoms
were successfully extorted, saying only that these networks “are among the
more than 400 organizations worldwide victimized by Conti, over 290 of
which are located in the U.S.” It added that the latest ransom demands have
been as high as $25 million.

The hackers that crippled the Irish health system are reportedly part of
“Wizard Spider,” a sophisticated cybercrime gang based in Russia that’s
been increasingly active in the past year. The group’s threatened to
release patient records unless Irish authorities fork over $20 million.

For the last week, this ransomware attack has cut off access to patient
records, forced medical facilities to cancel appointments, and disrupted
covid-19 testing in the nation. Ireland’s minister overseeing e-government,
Ossian Smyth, has called it “possibly the most significant cybercrime
attack on the Irish state.”