Emergent ransomware gang FIN12 strikes hospitals, moves quickly against big targets

Written by
Oct 7, 2021 | CYBERSCOOP

A Russian-speaking in recent months has aggressivelytargeted North American organizations with more than $300 million in revenue, with a ruthless focus on the care sector amid the COVID-19 , according to new findings.

The threat intelligence firm published details Thursday about a group it calls , a gang that moves quickly and uses an array of established hacking tools to infiltrate its targets. Over the past year, have kept investigators busy, accounting for 20% of the ransomware incidents that Mandiant has responded to, with the next highest attackers at 5%, according to Kimberly Goody, the company’s director of cyber crime .

“They have a significantly higher cadence of attacks from our perspective,” she said. “We also see that, unlike other threat actors, this group has also aggressively pursued victims in critical sectors like health care, even during the pandemic, which had resulted in several actors saying that they wouldn’t target those organizations. So FIN12 has shown that they are very aggressive and brazen in who they target.”

The designation comes during a big year for ransomware, with attacks on Colonial Pipeline, JBS and Kaseya elevating the topic

Read More: https://www.cyberscoop.com/fin12-mandiant-hospitals-300-million/