HC3: Ransomware Groups Leveraged Remote Access, Encryption Tools in Q1

Health IT News

Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) observed ransomware groups increasingly turning to legitimate tools such as Cobalt Strike and Mimikatz during ransomware intrusions in the first quarter of 2022.

HC3 saw threat actors favoring file transfer, remote access, and encryption tools to infiltrate target organizations. In addition, experts noted Initial Access Brokers (IABs) consistently selling healthcare entity network access on various cybercriminal forums throughout Q1 at similar rates to 2021.

“IABs enable RaaS groups to focus time and energy on...

Get the Morning Update

Thanks for subscribing!