North Korea Tries Ransomware… Again - OODA Loop

Emilio Iasiello 2022-08-08


The Department of Homeland Security recently published a joint advisory along with the Federal Bureau of Investigation (FBI) and the Department of Treasury on a suspected North Korean state-sponsored ransomware campaign implementing the Maui malware. The campaign has been targeting healthcare-related organizations for the purpose of coercing compromised victims into paying ransoms. These operations have successfully disrupted some important healthcare functionality, such as access to health records and imaging services. Though the advisory did not relate whether, or how many, victims paid the requested ransoms, recent FBI operations recovered approximately USD 500,000 in Bitcoin that the extortionists had received. While these actions have proven successful, they do not appear to have thwarted North Korean efforts in this capacity, and the actors may turn to other global healthcare targets in an effort to circumvent such robust law enforcement responses.


This is not the first time North Korea has engaged in ransomware activities. In 2017, North Korean actors executed the WannaCry ransomware, a global campaign that proliferated to 150 countries and inflicted damages as high as USD 4 billion. However, despite the magnitude of the infections, the North Korean actors did not garner a significant amount in ransom payments, especially by the standards set by groups like LockBit and Conti. Two reasons have been cited for why, despite the wide propagation of the malware, it did not yield the results one might h ..
