南内华达大学医学中心的网络攻击

南内华达大学医学中心网络攻击

University Medical Center of Southern Nevada (UMC) recently suffered a ransomware attack in which patient data was stolen. 医疗中心证实了袭击发生后 新时代赌场主頁欢迎您评论杂志 discovered stolen data had been posted on the darknet site of the Russian-linked ransomware gang REvil, 也被称为Sodinokibi或Sodin.

UMC is a nonprofit public hospital and home to Nevada’s only Level 1 trauma center. 它隶属于 加州大学新时代赌场主頁欢迎您分校的科克·科克里安医学院 并由 克拉克郡 委员会.

UMC的检测和响应

在一份声明中, UMC says its 网络安全 team detected suspicious activity on the hospital’s computer network in mid-June and responded quickly by immediately restricting external access to UMC servers.

UMC’s IT division acted swiftly to identify the suspicious activity and 安全 the hospital’s network, 组织状态. 这种内部反应导致了轻微的, 一些UMC团队成员的间歇性计算机登录问题. 然而, 勒索软件攻击并没有影响病人的治疗, 临床手术也没有延误.

偷来的信息

根据UMC提交给美国的一份报告.S. Department of Health and Human Services, the attack is estimated to have 受影响最多1人.300万人. UMC says that REvil targeted a server used to store patient data and gain access to personally identifiable information (PII), including protected health information (PHI) of patients and employees.

这包括护照, 社会安全号码, 驾驶执照, 的名字, 地址, 出生日期, 临床历史, 财务信息, 和保险信息. The medical center says there is no evidence that any clinical systems were accessed during the attack. The medical center notified patients and affected employees about the potential risk to their PII and promised to offer free access to identity protection and credit monitoring services.

要求赎金

袭击发生后, 驾照图片, 护照, and Social 安全 cards of around half a dozen alleged victims were posted on the hacker’s group website. According to REvil, this was only a small portion of the information they had obtained 在 attack.

This standard operating procedure for the group is typically a move to pressure an organization to pay a ransom. 然而, there’s no indication from the UMC that the hacker group demanded ransom. The medical center is working with the Las Vegas Metropolitan Police Department, 美国联邦调查局, 和第三方 网络安全 专家来确定确切的来源和范围.

REvil Ransomware帮派

REvil is a prolific ransomware-as-a-service (RaaS) gang active since early 2019 – a whopping 占最近所有勒索软件攻击的42% 追查到这个帮派. 自首次亮相, 谩骂已经获得了相当大的势头, 锁定甚至拍卖属于公司的数据. 压力战术超越了数据加密, 恶意的运营商经常提前窃取数据, 漏出它, 然后诉诸敲诈手段. 那些拒绝付款的人, 希望依靠他们的能力来恢复数据, 会不会收到威胁有敏感, 在该组织的黑暗网站上公开的机密数据.

It has been one of the most active ransomware operations over the past year, 对美国的企业进行了多次袭击. 该团伙策划了对全球肉类供应商的勒索软件攻击, JBS食物, which resulted 在 temporary closure of food production facilities 在 美国. JBS付钱给了黑帮 1100万美元的比特币 事件发生后,.

7月，黑帮 冲击至少1000家企业 通过攻击软件公司Kaseya, 哪家公司开发用于管理商业网络和设备的软件. 这是有史以来最大规模的勒索软件活动之一, with the group demanding a $70 million ransom to release the affected machines.

其他由REvil发起的网络攻击包括:

• 苹果电脑供应商:5000万美元
• 领先的化妆品集团Pierre Fabre: 2500万美元
• 位于纽约的格鲁曼·夏尔·梅塞拉斯律师事务所 & 麻袋:42000000美元
• 乳牛场集团:3000万美元

保持警惕

网络攻击是 最快–越来越多的犯罪 在 美国, 增加 in 大小, 复杂，以及每年的花费. Industry experts estimate that 网络安全 incidents will cost businesses globally 到10美元.5万亿年 仅仅在接下来的五年内. 尽管有这些令人震惊的数据， 超过50%的企业 还没有准备好应对网络攻击.

If your organization gets breached, the losses you’ll incur go beyond money. While you can recover financially, but it’s harder to recover from the reputational loss. Since 60% of small companies that suffer attacks end up collapsing within six months, 你不能忽视 网络安全.

Here are some potential repercussions of your small business falls victim to an attack:

• 知识产权
• 声誉损失
• 诉讼
• 业务中断
• 业务和收入的损失

今天就为网络攻击做好准备!

Proactive protection of your systems will help you detect risks before they have a chance to do any damage. Common vulnerabilities for Las Vegas businesses and organizations include 恶意软件, 僵尸网络攻击, 网络钓鱼诈骗, 间谍软件, 广告软件, 和最值得注意的是, ransomware. 新时代赌场主頁欢迎您(NSA), we offer comprehensive 网络安全 assessments that detect weak points in your company’s current security strategies.

We work with Las Vegas businesses and organizations to help them proactively block hackers, pointing them to small and often overlooked gaps that might allow intruders into your systems to access highly sensitive data. Our penetration testing team can identify 网络安全 vulnerabilities before an intruder has the opportunity to infiltrate your network or computer system and work with you to remediate and reduce risk.

We also provide managed IT security services that include free initial 网络安全 assessments, 建立和维护安全的无线网络, 免费的持续员工培训, 自动软件更新, 安全 云服务，以及更多. Our managed IT security services ensure that your business is safe from ransomware, 数据失窃, 网络漏洞, 恶意软件, 和公司信息披露.

新时代赌场主頁欢迎您所有的服务都是可定制的，以应对特定的战斗 网络安全 威胁并保护您的系统, and we’ll help you choose the best solution tailored specifically for the 网络安全 threats your organization faces. 新时代赌场主頁欢迎您的专家 网络安全专家 will constantly monitor your systems and proactively respond to any threat or attack, giving you the peace of mind to focus on your business knowing that your IT security is 在 capable and trusted hands of the NSA team. 今天新时代赌场主頁欢迎您 to schedule a 网络安全 consultation and protect your Las Vegas business!