The ransomware application Lockbit 2.0 poses a significant cyberthreat to hospitals and other healthcare organizations, according to an alert issued by the HHS Office of Information Security.
In a Feb. 7 report, HHS revealed that there are “indicators of compromise associated" with LockBit 2.0 ransomware.”
“Although the LockBit 2.0 cybercrime gang claims to not attack healthcare organizations, all ransomware continues to act as a major cyberthreat against the U.S. Healthcare and Public Health (HPH) Sector. It is extremely important to both know and apply the information included in this Flash (alert),” HHS said in the notification.
The alert comes in the wake of a similar warning by the FBI published Feb. 4.
“LockBit 2.0 ransomware compromises victim networks through a variety of techniques, including, but not limited to, purchased access, unpatched vulnerabilities, insider access, and zero-day exploits,” according to the FBI alert.
HHS recommends that organizations reduce their attack surface as much as possible by taking the following steps:
- Utilize the included indicators of compromise in your threat hunting and detection programs.
- Use multi-factor authentication and strong passwords.
- Establish a robust data backup program.
- Consider signing up for CISA’s cyber hygiene services.