Security leaders weigh in on the recent UnitedHealth cyberattack

March 5, 2024 – Published on Security Magazine

UnitedHealth Group recently announced that an associated technological unit (Change Healthcare) faced a cyberattack from the Blackcat ransomware group. The attack caused disruptions to insurance transactions and electronic pharmacy refills. As a result, the American Hospital Association has advised that healthcare entities remain vigilant and monitor for signs of risk. Security Magazine spoke with Nic Finn, Threat Intelligence Consultant, GuidePoint Security, as well as other industry experts:

“Following December’s law enforcement disruption of their data leak site, Alphv, also known as BlackCat, has vowed increasingly aggressive actions and removed ostensible restrictions on targeting critical infrastructure and healthcare.”

“While Alphv may have notionally prohibited targeting such organizations in the past, the group has been actively attacking healthcare organizations for a while now, with several large healthcare providers and networks impacted in 2023. Of the attacks impacting healthcare we observed in 2023, Alphv was responsible for nearly 10%, second only to LockBit.”

“While we have seen several healthcare organizations impacted by Alphv in 2024, it remains to be seen whether this is an intentional increase representative of deliberate targeting or just continued operations as usual, pursuing vulnerable targets of opportunity and exploiting frequent weaknesses in health organization networks. Healthcare organizations make attractive targets for ransomware groups due to the sensitivity and value of Personal Identifiable Information and Protected Health Information, which both increase extortive leverage over victims and the value of data for sale to other actors should the victim not pay.”

Read More HERE.