[mouellette30]

The Australian government has issued a security alert that is urging and encouraging local health sector organizations to check their cybersecurity defenses especially the controls that are used in order to detect and stop ransomware attacks. The Australian Cyber Security Center announced how they have observed that the Australian Health sector was being targeted by actors using the SDBBot Remote Access Tool (RAT). While not much information regarding the reasoning behind the targeted attacks, they have discovered that the SDBBot Remote Access Tool (RAT) has been exclusively distributed to a cybercrime group. The cybercrime group relies on email spam campaigns in order to target companies and infect workstations with malware. While the group is more known for dropping malware strains on infected networks, as of recently, the cybercrime group has been deploying the SDBBot as a way to access infected hosts remotely. In addition, the ACSC announced that the SDBBot is a known precursor to the clop ransomware which is one of the most aggressive groups of ransomware known today. These warnings about possible ransomware attacks on the health sector have come in after the U.S. have experienced the same issues with their health sectors being targeted. Overall, the ACSC have advised companies to look over ransomware guidance and to get themselves prepared for possible attacks as a starting point.

https://www.zdnet.com/article/australian-government-warns-of-possible-ransomware-attacks-on-health-sector/

Topic