Ransomware, Critical Infrastructure Security

US healthcare sector threatened by new Trinity ransomware

Cyber basics

Healthcare organizations across the U.S. have been warned by the Department of Health and Human Services Health Sector Cybersecurity Coordination Center regarding the "significant threat" of the new Trinity ransomware operation following the group's successful compromise of at least one healthcare entity in the country since its emergence in May, according to The Record, a news site by cybersecurity firm Recorded Future.

Attacks by Trinity ransomware, which were reported to have impacted a U.S. gastroenterology services provider and a New Jersey-based dental group, involved the exploitation of known software vulnerabilities to facilitate the delivery of the payload, an advisory from HC3 noted. After obtaining system information regarding vulnerable processors and connected drives, Trinity ransomware proceeds to enable network scanning, lateral movement, and file encryption, said the advisory, which also noted the absence of any decryption technique for the payload. Further analysis showed Trinity's similarities with the 2023Lock and Venus ransomware strains, indicating partnerships between different threat operations.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds