A prolific ransomware gang vows to dial back its campaigns and spare healthcare organizations altogether during the COVID-19 crisis. It’s no cause for celebration.
When ransomware attacks a healthcare establishment, it can have a devastating effect. This was witnessed in 2017, when WannaCryptor.D (aka WannaCry) hit multiple sites across the United Kingdom’s National Health Service, limiting their ability to provide services and causing nearly 20,000 appointments to be cancelled.
The COVID-19 pandemic is stretching the resources of health services to their maximum, across the globe. This includes not only the courageous frontline healthcare professionals but all the support teams that create the environment for them to work in, such as IT security teams. Those teams may be pleased, and amazed, to hear that one of their adversaries – the team behind Maze ransomware – has decided to stop activities that target medical organizations, at least until the current situation is stabilized.
A “press release” dated March 18 states that the Maze team is also willing to offer exclusive discounts to their partners due to economic conditions. I think their use of the word “partner” actually refers to victims, which is like arsonists calling the owners of the building they torched their “partners”.
Maze Team “press release” – hat tip to malware researcher going by the Twitter handle CryptoInsane
The group has been responsible for a number of recent attacks including against both the City of Pensacola and manufacturing company Southwire. In both instances the victims refused to pay ..
Support the originator by clicking the read the rest link below.
