HealthcareCISO

The Federal Bureau of Investigation has issued a warning about Hive ransomware after the group took down IT systems at Memorial Health System last week (see Memorial Health System in Ohio Latest to Be Hit With Attack).

The alert details indicators of compromise, tactics, techniques, and procedures (TTPs) associated with ransomware attacks by a supposed Ransomware-as-a-Service organization consisting of various actors using multiple mechanisms to compromise business networks, exfiltrate data and encrypt data on the networks, and attempt to collect a ransom in exchange for access to the decryption software.

Technical Details
Hive, which operates as an affiliate-based ransomware operation "uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network," the alert states.

"After compromising...