Increased communication and collaboration among cybercrime groups is heightening the ransomware threat for the healthcare sector, according to the Cyber Threat Intelligence League (CTI League), a group that since last March has been functioning as a global volunteer emergency response center for healthcare organizations.
In a report Thursday summarizing its efforts over the past year, the CTI League says it expects ransomware attacks and activities like the trading and selling of databases containing protected health information (PHI) to increase this year. The group also expects an increase in "triple extortion" attacks involving the use of ransomware, data theft, and distributed denial-of-service (DDoS) attacks as leverage to extort money from healthcare entities.
CTI League says it observed increased demand in 2020 for backdoor access to healthcare networks — usually in the form of vulnerable Remote Desktop Protocol (RDP) services — and also an increase in the number of brokers leaking, acquiring, and selling that access. COVID-19-themed lures were and will continue to be a central part of phishing, social engineering scams, and information campaigns that seek to exploit fear and curiosity over the pandemic.
Their observations are correct. And the threat is not only healthcare, it's everyone. Dark Reading has the story: