• About Us
  • Events
  • Spotlight Series
  • Webinars
  • WhitePapers
  • Videos
  • Podcasts
  • Innovators
    1. Cybersecurity
    2. Data Breaches

    HHS Cybersecurity Branch Warns Healthcare Sector of Hive Ransomware Group

    April 21, 2022
    HHS’ Health Sector Cybersecurity Coordination Center issued an advisory on April 18 warning healthcare and the public health sector about the malicious Hive ransomware group
    Dreamstime Xxl 133722156

    The Department of Health and Human Services' (HHS) Health Sector Cybersecurity Coordination Center (HC3) published an analyst note on April 18 warning healthcare and the public health sector of the Hive ransomware group.

    The analyst note states that “Hive is an exceptionally aggressive, financially-motivated ransomware group known to maintain sophisticated capabilities who have historically targeted healthcare organizations frequently. HC3 recommends the Healthcare and Public Health (HPH) Sector be aware of their operations and apply appropriate cybersecurity principles and practices found in this document in defending their infrastructure and data against compromise.”

    The Hive ransomware group was first observed in June of 2021. In September of 2021 we reported that the FBI has released an alert about the malicious Hive ransomware, the same group that took down Memorial Health System on Aug. 15. In March of 2022 we reported that the Hive Ransomware group posted on its dark website that it had stolen 850,000 personally identified information (PII) records from the Partnership HealthPlan of California. The analyst note cites a report that in its first 100 days as a group, Hive breached 355 companies.

    The analyst note says that Hive’s operations include double extortion; operating as a ransomware as a service model; leveraging Golang— a language used by cybercriminals to design malware; leveraging infection vectors like RDP and VPN compromise as well as phishing; encrypting files end with a .hive, .key.hive or .key extension; making phone calls to some victims to extort ransom; and searching victim systems for applications and processes that backup data and terminate or disrupt them.

    The analyst note adds that “When defending against Hive or any other ransomware variant, there are standard practices that should be followed. Prevention is always the optimal approach.”

    The prevention methods in the analyst note include:

    • Using two-factor authentication with strong passwords
    • Sufficiently backing up data
    • Continuous monitoring
    • Having an active vulnerability management program
    • Having thorough endpoint security

    Continue Reading

    Sponsored Recommendations

    Care Access Made Easy: A Guide to Digital Self-Service for MEDITECH Hospitals

    Today’s consumers expect access to digital self-service capabilities at multiple points during their journey to accessing care. While oftentimes organizations view digital transformatio...

    Going Beyond the Smart Room: Empowering Nursing & Clinical Staff with Ambient Technology, Observation, and Documentation

    Discover how ambient AI technology is revolutionizing nursing workflows and empowering clinical staff at scale. Learn about how Orlando Health implemented innovative strategies...

    Enabling efficiencies in patient care and healthcare operations

    Labor shortages. Burnout. Gaps in access to care. The healthcare industry has rising patient, caregiver and stakeholder expectations around customer experiences, increasing the...

    Findings on the Healthcare Industry’s Lag to Adopt Technologies to Improve Data Management and Patient Care

    Join us for this April 30th webinar to learn about 2024's State of the Market Report: New Challenges in Health Data Management.