According to HealthcareInfoSecurity, federal authorities are warning health care and public health sector entities about financially motivated and state-sponsored threat actors and their evolving tactics, techniques and procedures. Privacy, cybersecurity and data strategy counsel Jason G. Weiss addressed the evolving ransomware trends.
“Ransomware, and especially RaaS, is a multi-industry offender. While the health care sector is certainly subject to almost nonstop cyberattacks, this trend is equally viable as it relates to federal, state and local government entities as well as schools and universities, just to name a few,” said Weiss.
Threat actors are making billions of tax-free dollars, Weiss explained. “With the help of cryptocurrencies and encrypted anonymous wallets, they have a secure, encrypted way to get paid with little risk of getting caught if they show basic cyber hygiene skills in covering their digital tracks. Many of the original ransomware gangs, such as Maze, have literally retired from the business as they have made so much money.”
Weiss commented on threat actors using “living off the land” (LOTL) attacks, saying such attacks “make it much more difficult for the victim to detect since they are less likely to alert antivirus or endpoint detection tools.” He added, “These threat actors are well educated, well trained, well funded and highly motivated, and these attacks aren’t going to stop anytime soon.”