The Department of Health and Human Services’ cybersecurity center recently released an advisory about a “ransomware-as-a-service” group called Everest that is now focused on the $4 trillion healthcare industry. According to an emailed newsletter from the American Hospital Association, the group is known to access systems through compromised user accounts and remote access tools. The ransomware is designed to attack by initially gaining unauthorized access to an organization’s data through credential theft. The attacker then sells the unauthorized access to secondary groups that conduct the ransomware attack.
It can happen again: Meanwhile, McLaren Health Care in Michigan reported on August 5, 2024, that it was hit with its second cyberattack in 2 years. The previous incident exposed 2.2 million patients’ information, but whether patient information was compromised by the incident from this month has not been confirmed. Systems were back online as of August 26, 2024, officials confirmed to M Live.