Black Basta Behind Ransomware Attack on Ascension

May 15, 2024
Health-ISAC warns the healthcare industry against the Russian-speaking threat actor Black Basta.

Current investigations indicate that the Russian-speaking group Black Basta has deployed ransomware onto Ascension. On May 8, the Catholic health system released a news brief that stated it was experiencing a cybersecurity event. On May 9, Ascension confirmed that the organization was hit by a ransomware attack, leading to a diversion for emergency medical services and interruption in services concerning its electronic health records system (EHR), among other tools.

CNN’s Sean Lyngaas reported last Friday, using several sources, that the cyberattack on Ascension was perpetrated by the ransomware group Black Basta, a potential offshoot of Conti.

On May 10, Orlando-based Health-ISAC issued a threat bulletin regarding Black Basta as a significant threat actor to the healthcare industry. Health-ISAC urged all Healthcare and Public Health (HPH) sector entities to follow the recommended actions listed in the bulletin. These actions include infrastructure organizations installing updates for operating systems, software, and firmware, integrating multifactor authentication (MFA), and training users to recognize and report phishing attempts.

“It’s just another demonstration of the need for additional resources to help protect hospitals and healthcare systems globally,” commented Errol Weiss, chief security officer at Health-ISAC. “Typically, with these ransomware actors, they're taking a pretty broad approach in terms of throwing out their net to try to cast a victim,” he added. Of the ransomware cases tracked by Health-ISAC over the last year, about eight percent were in the healthcare sector.

Last year, Healthcare Innovation reported on the threat that the ransomware group Black Basta posed to healthcare organizations. On March 13, 2023, the Health Sector Cybersecurity Coordination Center (HC3) published a threat profile on the group, which was first spotted in 2022.

Meanwhile, a timeline for system restoration at Ascension is still absent. “We are focused on restoring systems safely. We are making progress; however, it will take time to return to normal operations,” an Ascension spokesperson said in a statement earlier this week.

Sponsored Recommendations

Patient Engagement and ML/AI – Modern Interoperability as an enabler for value based care

Discover how modern interoperability empowers patient engagement and leverages ML/AI for better outcomes in value-based care. Join us on June 18th to learn how seamless data integration...

New Research: The State of Healthcare Cloud Security and Compliance Posture

Compliance & Security Debt Awareness Could Have Prevented Change Healthcare & Ascension Healthcare Breaches

Telehealth: Moving Forward Into the Future

Register now to explore two insightful sessions that delve into the transformative potential of telehealth and virtual care management solutions.

Telehealth: Moving Forward Into the Future

Register now to explore two insightful sessions that delve into the transformative potential of telehealth and virtual care management solutions.