In recent days the U.S. Department of Health and Human Services (HHS) has issued a warning about ‘Royal Ransomware’. Royal is a rapidly growing ransomware operation that is targeting large companies where its ransom demands range from $250,000 to over $2 million.
According to U.S. officials: “While most of the known ransomware operators have performed Ransomware-as-a-Service, Royal appears to be a private group without any affiliates while maintaining financial motivation as their goal.”
Looking at the issues that this latest variant of ransomware presents to the business community for Digital Journal, is Daniel Selig, Security Automation Architect at Swimlane.
Selig notes that the ransomware is being directed at force towards the healthcare sector. One reason for this is due to the rich data stream that such institutions hold about people, especially the health records of patients.
It is this for this reason that Selig states: “Threat actors who target the healthcare sector have been a prevalent concern for CISA, the FBI and the Department of Health and Human Services (HHS) over the past few months. Just days ago, CISA, the FBI and HHS issued their #StopRansomware advisory on Cuba Ransomware, a group that has received over $60 million in ransom payments and often targets the healthcare industry.”
In terms of the latest threat, Selig explains: “Now, one of HHS’s chief concerns is Royal Ransomware, a group that began in 2022 and is known to make ransom demands of up to $2 million. To date, this group claims to have published 100% of extracted data.”
These threats also come at a time when the healthcare sector is especially vulnerable to cyberattacks, as Selig explains: “The COVID-19 pandemic has left the healthcare industry with staff and resource shortages, making it an increasingly hot target for cybercriminals. Even before the pandemic, the healthcare industry had the highest costs associated with data breaches.”
Building on the particular risk to medical and healthcare areas, Selig notes: “Breaches involving healthcare organizations are especially problematic because of the abundance of personal information available for attackers to exploit. Worse still, attacks can have a direct negative impact on patient care with potentially life-threatening consequences. When it comes to the healthcare system, it is essential that cybersecurity remains top of mind to prevent attacks from groups like Royal.”
There are measures that struggling businesses, including healthcare institutions can take. Selig recommends: “To offset the lack of staff and resources, as well as to prevent future Royal attacks from occurring, healthcare organizations should adopt low-code security automation to help detect and respond to threats in real-time by allowing complete visibility into IT environments.”
In addition, Selig states: “Endpoint security tools that integrate low-code security automation give healthcare organizations a cohesive protection strategy that protects patients and employees from data theft and extortion.”
