U.S. government agencies, such as the FBI, the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency, issued an alert Friday about the Black Basta ransomware gang that targets the healthcare industry and 12 of the 16 critical infrastructure sectors, according to The Record, a news site by cybersecurity firm Recorded Future.
Click for more special coverage
The ransomware-as-a-service group usually conducts phishing attacks and known vulnerabilities against organizations but does not ask for payment information or ransom demands immediately, the agencies said.
Victims communicate with the group through a unique code or link sent to them and are given between 10 and 12 days to send ransom payment before their stolen data is published.
The advisory warned that tools like the SoftPerfect network scanner are also being used by the group’s affiliates. Other vulnerabilities used by the group include NoPac, PrintNightmare and ZeroLogon.
Healthcare organizations “are attractive targets for cybercrime actors due to their size, technological dependence, access to personal health information, and unique impacts from patient care disruptions,” the agencies warned.