This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online. On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its systems were suffering an attack, but that the company was doing its best to remediate the damage. The message also stated that “the causes of this unavailability originated from the attempted external attack on [their] systems, which are having operations re-established with all the resources and technical efforts for the rapid standardization of services.”
Since the disclosure, several cybersecurity sources have confirmed the attack was launched by the REvil ransomware gang, also known as Sodinokibi. “The Healthcare industry and healthcare supply chain are both one of the top three targeted sectors worldwide. Additionally, REvil are launching a lot of attacks at the moment, having hit a maritime organisation in Brazil earlier this month,” said Andy Norton, European cyber risk officer at Armis.
We are in the midst of watching ransomware gangs become more sophisticated and daring, often targeting companies just to prove a point. Following the ransomware on the healthcare provider, Robert Golladay, EMEA and APAC director at Illusive, believes that the fact that a ransomware gang has gained access to such sensitive information is concerning. “While it is not clear whether personal data was exfiltrated or not, it is best for Fleury to take all necessary steps to alert potentially affected parties and provide advice on how to best prepare for socially engineered scams”, Golladay said.
REvil is demanding $5 million for the decrypter key and the assurance that no vital information will be leaked online. The fact that Grupo Fle ..
Support the originator by clicking the read the rest link below.
