A(nother) Ransomware Saga with a Twist

/in


The healthcare sector has once again found itself at the center of a storm. On February 21, Change Healthcare, a titan in healthcare support services, suffered a devastating cyberattack by the notorious BlackCat/ALPHV group. This incident has sent shockwaves through the U.S. healthcare system, affecting hospitals, clinics, and pharmacies nationwide.

The Unfolding of the Cyberattack

 

Change Healthcare, recently acquired by UnitedHealth Group in an $8 billion deal, is integral to the healthcare infrastructure in the U.S. and several other countries. They process an astonishing 15 billion insurance claims annually, totaling over $1.5 trillion. The breach by BlackCat, the same group implicated in the Las Vegas casino attacks, highlights the pervasive vulnerabilities within the healthcare industry.

The attack’s modus operandi remains shrouded in mystery, though speculation points toward a combination of remote desktop and Active Directory brute-forcing techniques. Regardless of the entry point, the aftermath was clear: ransomware was deployed, crippling over 111 different services within Change Healthcare’s vast network. 

Due to the critical position of Change Healthcare in the industry, where it provides services to hospitals, clinics and pharmacies to professional and patients alike, the attack led to a nationwide healthcare paralysis, where hospitals couldn’t bill, pharmacies couldn’t process insurance, and countless patients were left in a state of uncertainty and financial distress.

As part of the ransomware deployment, a substantial amount of bitcoins was requested to free the encrypted data and pinky-swear delete simultaneously stolen data.

The Government Steps In

 

The ripple effects of the attack were so severe that the Department of Health and Human Services (HHS) intervened, issuing guidance to healthcare providers and insurance companies. This unprecedented step aimed to mitigate the crisis by encouraging flexibility in prior authorization rules and acceptance of paper claims, among other measures.

By March 7, Change Healthcare had restored prescription claim submissions and payment systems, with a full recovery of their electronic payments platform made by…

Source…