The cybersecurity division of the FBI is warning organizations of Hive ransomware, citing indicators of compromise and recent incidents. The ransomware is actively targeting healthcare systems.
Hive ransomware was first observed in June 2021 and exhibits file encryption capabilities and terminates backup and file copying processes to carry out its attacks, the FBI said.
In addition to the phishing notes, the FBI said some victims have also received phone calls requesting payments for their files.
“Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware and/or fund illicit activities,” the FBI release said. “Paying the ransom also does not guarantee that a victim’s files will be recovered.”
The FBI identified various indicators of compromise such as applications, the domain and various files. The agency recommends (PDF) targeted organizations take certain precautions, including data backups and multi-factor authentication, and urges them to report ransomware incidents.
The alert comes as the healthcare industry has seen an uptick in cyberattacks amid the COVID-19 pandemics. Scripps Health and DuPage Medical Group also were hit by hackers this year. The agency issued a similar warning in May of Conti ransomware targeting healthcare networks.
Tags: Ransomware Attack Safety