The US Department of Health and Human Services is warning healthcare providers of a new ransomware threat demanding ransoms of up to $2 million.
The US Department of Health and Human Services released information about Royal, a new human-operated ransomware threat targeting healthcare providers that has demanded ransoms from $250,000 to over $2 million.
Royal attacks impacting the healthcare sector have primarily targeted organizations in the US. In each instance, the attackers claim to have published all the data they allegedly extracted from the victim.
“Due to the historical nature of ransomware victimizing the healthcare community, Royal should be considered a threat to the [health care and public health care] sector,” the Health Sector Cybersecurity Coordination Center stated in its note posted to the HHS website.
Royal has employed new techniques and evasion tactics, including embedding malicious links in Google ads, using an organization’s contact form to bypass email protections, and placing malicious installer files on legitimate-looking software sites.
It also uses attack methods frequently associated with ransomware, such as phishing, remote desktop protocol compromises and credential abuse, compromises of exploited vulnerabilities like VPN servers, and compromises in other known vulnerabilities.
The American Dental Association has offered its members tips on protecting themselves against ransomware attacks.
The ADA also offers continuing education courses on ransomware readiness, phishing, and ransomware.