Ransomware Threat: Microsoft Exposes INC Ransomware Attack on US Healthcare Providers

Wednesday, 18 September 2024, 17:00

Ransomware threats are escalating as Microsoft warns about the INC ransomware targeting US healthcare providers. Ransomware group Vanilla Tempest has been linked to these attacks, utilizing tactics like Gootloader infections for initial access. This alarming trend underscores the vulnerability of the healthcare sector to ransomware exploitation.
Csoonline

Ransomware Attacks on Healthcare: Microsoft’s Findings

Microsoft has confirmed reports of ransomware attacks against US healthcare providers and says the group known as Vanilla Tempest is actively involved. The campaign, which uses INC ransomware, has emerged as a significant threat to the healthcare system.

Methodology Behind the Attacks

The threat actors gained entry through systems that were already compromised: Gootloader infections, which facilitate lateral movement within victim networks. By taking over systems infected by another actor, they were able to deploy the INC ransomware payload.

  • Ransomware group Vanilla Tempest has been active since June 2021.
  • Initial access often via Gootloader, targeting various industries.
  • Utilization of legitimate tools like AnyDesk for malicious purposes.

Exfiltration Strategy: Beyond Ransomware

Microsoft's investigation also indicates that Vanilla Tempest may carry out extortion without deploying ransomware at all, using MEGA data synchronization for data exfiltration. This change in approach highlights the evolving tactics within the ransomware landscape.

Vanilla Tempest also has a history of targeting the education sector, which marks it as a persistent threat. The shift to the INC ransomware model might reflect their pursuit of swift financial gains under the guise of extortion.


This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.

