July 5, 2022

Volume XII, Number 186

Advertisement
Advertisement
Advertisement

FBI Warns of Hive Ransomware Following Attack Against Hospital System

On August 25, 2021, the FBI issued a Flash Alert to warn companies, especially in the health care industry, about the proliferation of attacks by threat actors using Hive ransomware.

According to the Flash Alert, Hive was first observed in June 2021: “Hive ransomware uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network.”

“After compromising a victim network, Hive ransomware actors exfiltrate data and encrypt files on the network. The actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to leak exfiltrated victim data on the Tor site, ‘HiveLeaks.'”

The Flash Warning provides technical details, indicators of compromise, the content of a sample ransom note, and recommended mitigation techniques. The FBI also requests that all victims provide information to the FBI if they have suffered an attack using Hive.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XI, Number 245
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence
Partner

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...

401-709-3353
Advertisement
Advertisement
Advertisement