HC3: Ransomware Groups Leveraged Remote Access, Encryption Tools in Q1
Health IT News
The Health Sector Cybersecurity Coordination Center (HC3) observed ransomware groups increasingly turning to legitimate tools such as Cobalt Strike and Mimikatz during ransomware intrusions in the first quarter of 2022.
HC3 saw threat actors favoring file transfer, remote access, and encryption tools to infiltrate target organizations. In addition, experts noted Initial Access Brokers (IABs) consistently selling healthcare entity network access on various cybercriminal forums throughout Q1 at similar rates to 2021.
“IABs enable RaaS groups to focus time and energy on...