The Federal Bureau of Investigation (FBI) revealed that the Conti ransomware gang has hit at least 16 healthcare and first responder organizations.
According to a flash alert issued by the FBI over 400 organizations worldwide were targeted by the ransomware operators, 290 of which are in the US.
“The FBI identified at least 16 Conti ransomware attacks targeting US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year.” reads the flash alert. “These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti, over 290 of which are located in the U.S.”
Conti ransomware operators run a private Ransomware-as-a-Service (RaaS), the malware appeared in the threat landscape at the end of December 2019 and was distributed through TrickBot infections. Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider.
Since August 2020, the group has launched its leak site to threaten its victim to release the stolen data.
The list of victims of the group includes IoT chip maker Advantech, and Broward County Public Schools (BCPS), and Ireland’s Health Service Executive.
The FBI wars that cyber attacks against healthcare organizations and emergency services could have a a dramatic impact on the citizens.
“Cyber attacks targeting networks used by emergency services personnel can delay access to real-time digital information, increasing safety risks to first responders and could endanger the public who rely on calls for service to not be delayed.” continues the FBI’s alert. “Loss of access to law enforcement networks may impede investigative capabilities and create prosecution challenges. Targeting healthcare networks can delay access to vital information, potentially affecting care and treatment of patients including cancellation of procedures, rerouting to unaffected facilities, and compromise of Protected Health Information.”
Follow me on Twitter: @securityaffairs and Facebook
|[adrotate banner=”9″]||[adrotate banner=”12″]|
(SecurityAffairs – hacking, Conti Ransomware)