‘Blackcat’ ransomware hit on Change Healthcare impacts hospital and pharmacy systems | #ransomware | #cybercrime

It is believed the ongoing cyber attack on US health tech giant Change Healthcare is the work of the ‘Blackcat’ ransomware gang.

The targeted hit has caused significant disruption to the health system in recent days with hospitals and pharmacies impacted, as reported by Reuters.

Owned by parent company UnitedHealth, Change operates a major health payment system, connecting care providers and patients across the states. Headquartered in Nashville, Tennessee, the company posted revenues of almost $3.5 billion in 2022.

Last week, hackers obtained access to Change Healthcare’s IT infrastructure with immediate knock-on effects at pharmacies to the detriment of of patients.

Whilst there was no immediate comment from UnitedHealth or Blackcat (also known as ALPHV) in the aftermath of the breach, Reuters has now briefed on the latter’s responsibility for the attack.

Inevitable outcome

This latest development comes after the parent company of Change Healthcare attributed an earlier incident to a “suspected nation-state associated cybersecurity threat actor,” but an industry expert has played down that line of enquiry.

“I am not aware of any links between ALPHV and a nation state,” said Brett Callow, a threat analyst at the cybersecurity firm Emsisoft. “As far as I am aware they are financially motivated cybercriminals and nothing more.”

In December, Blackcat was the target of an international law enforcement response led by US authorities to take down its websites and digital assets, with a relative degree of success. In response, the cyber criminals threatened to retaliate by going after critical infrastructure concerning hospitals and providers.

On this outcome, Callow added law enforcement activity was important but unlikely to completely eradicate the problem.

“It’s inevitable that if you have a group that’s making millions of bucks, they are going to attempt to make a comeback,” he said.

Blackcat is an infamous ransomware gang, one of the most prolific groups of online attackers which has previously targeted the likes of MGM Resorts International and Caesars International.

Image: Tima Miroshnichenko/Pexels

Graeme Hanna

Freelance Writer

Graeme Hanna is a full-time, freelance writer with significant experience in online news as well as content writing.

Since January 2021, he has contributed as a football and news writer for several mainstream UK titles including The Glasgow Times, Rangers Review, Manchester Evening News, MyLondon, Give Me Sport, and the Belfast News Letter.

Graeme has worked across several briefs including news and feature writing in addition to other significant work experience in professional services. Now a contributing news writer at, he is involved with pitching relevant content for publication as well as writing engaging tech news stories.

Source link


National Cyber Security