McLaren HealthCare, one of the largest healthcare systems in Michigan, confirmed that it is dealing with a ransomware attack after the Black Cat/AlphV gang claimed to have stolen 6 TB of data, including the personal information of 2.5 million people.
“McLaren your security is at an all-time low, and we’ve proven it to you. Our backdoor is still running on your network, you decided to play with us, we have a great sense of humor too, and we know how to have fun. See you again…,” said Black Cat on their leak site.
McLaren operates 13 hospitals and numerous other healthcare facilities across Michigan, and, earlier this month, the company reported outages that not only affected billing and electronic health record systems but also forced McLaren to shut down the computer networks at 14 different facilities; employees had to use their personal phones to communicate.
A spokesperson for McLaren said systems remain operational but did not comment as to whether billing and record systems had been restored to functionality, nor did they say whether a ransom would be paid.
“We have also taken measures to further strengthen our cybersecurity posture with a focus on securing our systems and limiting disruption to our patients and the communities we serve,” said a spokesperson for McLaren.
Stephen Gates, Principal Security SME, Horizon3.ai, had this to say:
“Today, no organization is immune to the threat of a successful ransomware campaign, but there is something every organization can do about managing their risk – and now is the time to do it. Organizations must immediately discover where their greatest exploitable weaknesses are and remediate them before it’s too late.
“In most cases, the ransomware attacks making news daily are not being enabled by some recent CVE. Instead, there are easily exploitable weaknesses residing in almost every organization’s network that are making the ransomware actors’ “jobs” much easier. Here are the Top 20 issues that we see in organizations’ networks on a reoccurring basis.
- Credential Reuse Across Systems
- Unsecured Admin Credentials
- Insecure Active Directory Configurations
- Default Service Accounts
- Inadequate Access Control
- Deficient Network Segmentation
- Insecure Network Protocols in Use
- Unsafe File Sharing Practices
- Improperly Secured Databases
- Password/Credential Exposure
- Exposed RDP Ports
- Absence of Multi-factor Authentication (MFA)
- Misconfigured Security Controls
- Outdated Hardware/Software
- Insufficient Incident Response Processes
- Missing Patches and Updates
- Misconfigured Firewalls
- Insecure Wireless Networks
- Insecure IoT Devices
- Shadow IT
This isn’t a trivial number of people who have been affected by this. It makes me wonder if companies take cybersecurity seriously.
This entry was posted on October 2, 2023 at 4:03 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
McLaren Healthcare Pwned By Ransomware…. 2.5 Million Affected