Just a few days back, the U.S. Department of Health and Human Service Cybersecurity Coordination Center (HC3) warned against rising Karakurt activities against the healthcare center. Now, the department has once again warned against attacks by the Evil Corp gang.
Diving into details
The alert states that Evil Corp is, allegedly, acquiring intellectual property from the U.S. healthcare sector on behalf of the Russian government.
The Dridex trojan, propagated by Evil Corp, is capable of affecting the confidentiality and availability of operational systems and data, including financial and health information.
The threat actor has constantly modified its tactics to evade sanctions imposed by the U.S. government and has caused millions of dollars worth of damage.
Why this matters
Evil Corp has an array of tools and techniques at its disposal, which is often used with commodity malware and living-off-the-land tactics.
Moreover, HC3 is concerned since nation-state-sponsored threat actors, such as Evil Corp, find it cost-effective to steal intellectual property via data exfiltration.
In addition to the above, Evil Corp doesn’t discriminate between large and small organizations, as it targets wherever there is an opportunity.
The Karakurt warning
HC3 had warned that Karakurt has at least compromised an assisted living facility, a healthcare provider, a hospital, and a dental clinic.
The gang even updated its leak site to a searchable database where finding victims has become easy.
The bottom line
The healthcare sector has always been a favorite target of cybercriminals, which has only witnessed a surge since the onslaught of the pandemic. Different threat groups are targeting the sector on a regular basis. Hence, implementing the necessary security measures is recommended.