While many active ransomware groups have committed to forgoing attacks on medical targets in deference to the current global situation, Hive is not one of them. On August 15, 2021, news broke of a Hive campaign against Memorial Health System, an Ohio healthcare provider. As a result, the hospital was forced to advise some patients to seek treatment at separate facilities.

While some ransomware attacks hitting public health and critical infrastructure targets can be the result of a shotgun approach to targeting – mass phishing campaigns that execute malware blindly on victim devices without awareness of the victim environment – that is not the case with Hive. This is a human-operated ransomware attack designed to take input from the command line, indicating the attackers are both aware of the environment and tailoring their attacks for maximum impact.

[Image: Memorial Health Systems open statement on ransomware attack]

Who is Hive?

Hive or “HiveLeaks” is a relatively new ransomware outfit that made its appearance on the scene in late June, 2021. Hive is yet another double extortion group, making their money off of a two-pronged attack: exfiltrating sensitive data before locking up the victims’ systems. This allows them to pressure the victim into paying greater sums than a conventional ransomware attack as they also face the threat of a mass leak of sensitive data. Hive’s schemes have proven successful so far as multiple leaks are currently posted on their victim blog.

[Image: HiveLeaks site showing the timer before releasing victim files]

As of the time of writing, there are 30 companies currently named on the HiveLeaks site. We can’t put the toothpaste back in the tube for Memorial Health Systems, but we can at least contribute a breakdown of the Hive operators’ preferred techniques and a deep dive into their ransomware toolkit to help other potential victims.

Cobalt Strike implants are most often the tool of choice. They are delivered via phishing or emails in order to establish initial access.