Mount Locker Ransomware Thwarts Recovery, May Target Healthcare & Biotech

GuidePoint Security researchers report that Mount Locker ransomware has stepped up its counter-IR capabilities, hindering efforts at detection, response, and investigation. The group is using more sophisticated scripting, may be rebranding as “Astro Locker,” and has added new security evasion features. GuidePoint indicates that campaigns may be targeting biotech and healthcare-adjacent industries. An expert with Veridium offers perspective.

1 Expert Comment
Rajiv Pimplaskar
InfoSec Expert
April 26, 2021 12:20 pm

There has been a 72% increase in ransomware over the past year that can be correlated with the COVID-19 related shift to remote work and the increased use of non-company-provided computers and smartphones. Complex passwords that are often written down are quite common across the Healthcare sector, making the environment especially vulnerable to credential theft. Password reuse also facilitates easier lateral movement of such attacks between various IT systems as ransomware groups seek out Personally Identifiable Information (PII). Biotech firms and healthcare institutions should look at adopting passwordless authentication methods such as “phone as a token” and/or FIDO2 in order to strengthen the digital identity of all users. This could reduce the incidence of credential theft and ransomware, thereby keeping patient data safe as well as improving user experience and productivity for both providers and staff.
