Forcepoint security labs has identified a form of ransomware, first documented back in September 2016 that targets healthcare organisations. ‘Philadelphia’, believed to be a new version of ‘Stampedo’ currently shows patterns that could be the beginning of a widening targeting campaign, extending beyond US perimeters. Sold for just a few hundred dollars and promoted on YouTube, it gives have-a-go criminals, on a global scale, the tools to conduct very targeted and convincing attacks.
The attack is sent through a spear-phishing email containing tailored logos and staff names, adding to the deception. Once activated the variant communicates information including operating system, username, country and system code back to its command and control and generates a victim ID, bitcoin wallet ID and bitcoin ransom price.
Carl Leonard, principal security analyst at Forcepoint, said:
“While processing our open source intelligence feeds we discovered Philadelphia, currently a cheap, poorly written ransomware that is available cheaply to script kiddies. Although the ransom is currently only 0.3 BTC, the command and control paths suggest that the actor is targeting hospitals for this campaign so there are likely to be other targets. While this might not seem like a huge attack on the healthcare sector, should this trend catch on, collectively this represents a huge risk to the industry”
More information on this is available on the Forcepoint blog: https://blogs.forcepoint.com/security-labs/shelf-ransomware-used-target-healthcare-sector
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…