Ransomware gang behind Ireland attack also hit US health and emergency networks
Conti ransomware is proving to be a serious threat.
The ransomware attack that hobbled the Irish healthcare system was far from an isolated incident. BleepingComputer and Gizmodo note that the FBI has issued a flash alert warning that the ransomware group behind the Ireland attack also targeted "at least" 16 healthcare and emergency networks, including police and 911 dispatch centers. The group used Conti ransomware that steals files, encrypts systems and pressures victims into paying through a portal lest their data be sold or published online.
The FBI didn't identify the victims or say if they'd paid ransoms.
The Conti ransomware is believed to be under the control of the Russia-based Wizard Spider cybercrime gang. The code shares some connections with the Ryuk ransomware and even uses that malware's distribution channels.
The perpetrators behind the Irish attack released a free decryptor after realizing the nature of their victim, but they still said they'd release or sell data. They'd originally demanded a ransom. The issue, of course, is that this group might use similar tactics. Healthcare operations and personal data might be at risk even if attackers waive ransoms, and those that do pay might inadvertently encourage future attacks.