Mount Locker Ransomware Thwarts Recovery, May Target Healthcare & Biotech

By ISBuzz Team
Writer, Information Security Buzz | Apr 26, 2021 04:16 am PST

GuidePoint Security researchers report that Mount Locker ransomware has stepped up its counter-IR capabilities, hindering efforts at detection, response, and investigation. The group is using more sophisticated scripting, may be rebranding as “Astro Locker,” and has added new security evasion features. GuidePoint indicates that campaigns may be targeting biotech and healthcare-adjacent industries. An expert with Veridium offers perspective.

Rajiv Pimplaskar
April 26, 2021 12:20 pm

There has been a 72% increase in ransomware over the past year that can be correlated with the COVID-19-related shift to remote work and the increased use of non-company-provided computers and smartphones. Complex passwords that are often written down are quite common across the Healthcare sector, making the environment especially vulnerable to credential theft. Password reuse also facilitates easier lateral movement of such attacks between various IT systems as ransomware groups seek out Personally Identifiable Information (PII). Biotech firms and healthcare institutions should look at adopting passwordless authentication methods such as “phone as a token” and/or FIDO2 in order to strengthen the digital identity of all users. This could reduce the incidence of credential theft and ransomware, thereby keeping patient data safe as well as improving user experience and productivity for both providers and staff.
