Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

What to know about BlackCat, the new ransomware group hitting hospitals, clinics, pharma | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

The Morning Meeting with Al Tompkins is a daily Poynter briefing of story ideas worth considering and other timely context for journalists, written by senior faculty Al Tompkins. Sign up here to have it delivered to your inbox every weekday morning.

It takes a special kind of awfulness to earn an alert from the Department of Health and Human Service’s Office of Information Security and Healthsector Cybersecurity Coordination Center, but two fairly new ransomware attackers have earned that prominence by hitting health care providers like hospitals and clinics.

HHS is warning about BlackCat ransomware and Royal ransomware that it says emerged last year and has what it believes are experienced operators.

The warning says BlackCat is a successor to REvil, which has ties to Russian hackers. The warning says, “They have demanded ransoms as high as $1.5M; affiliates keep 80-90% of the ransom fee.” The warning also says this about BlackCat:

A relatively new but highly capable ransomware threat to the health sector

First detected in November 2021; per the FBI, they compromised at least 60 victims in four months • Written in Rust; highly adaptable; Ransomware-as-a-service

  • Conducts triple extortion (ransomware, threats to leak stolen data and distributed denial of service attacks)
  • Suspected to be a successor group of Darkside/BlackMatter; recruiting from REvil, BlackCat admin is former REvil member
  • Searchable data posted to open web to increase leak pressure
  • Their targeting is focused on the U.S. and includes healthcare: According to the group, “We do not attack state medical institutions, ambulances, hospitals. This rule does not apply to pharmaceutical companies, private clinics.” Many cybercriminal gangs have broken promises not to attack healthcare targets in the past.


Experts say Royal started by attacking entities associated with auto racing in Britain. Then it spread to businesses, including property appraisals. Then, HHS says, on Dec. 1, a targeted U.S. telecom organization experienced an outage that impacted all of their services, including health care. HHS did not name the carrier.

While the Royal attacks showed up in other countries first, the U.S. is the newest and biggest target. HHS says this is Royal’s global footprint:

Percentage of Royal Ransomware Attacks by Country (HHS)

HHS’ alert gives some new names to ask your local security officials about:

In November 2022, Royal surpassed Lockbit to become the most notorious ransomware.

Royal Ransomware operations start in various ways, including through phishing campaigns using common cyber crime threat loaders, such as BATLOADER and QBot.

Royal appears to be a private group without any affiliates, maintaining financial motivation as their goal.

Ransom demands range from $250,000 to over $2 million USD.

The group will conduct methods seen from other operations, including deploying Cobalt Strike for persistence, harvesting credentials, and moving laterally through a system until files are encrypted.

The government warns that the attacks enter company systems in the most benign ways:

Delivery methods include:

  • Using Google Ads in a campaign to blend in with normal ad traffic.
  • Making malicious downloads appear authentic by hosting fake installer files on legitimate-looking software download sites.
  • Using contact forms located on an organization’s website to distribute phishing links.

Read more:

Politicians often talk about the problem of the shrinking middle class, but what constitutes middle class and how does your income stack up?

Investopedia says:

  • The middle class constitutes 50% of the U.S. population as of 2021, which is quite a bit smaller than it has been in nearly half a century.
  • Historically, the middle class has been the engine of American economic growth and prosperity.
  • The share of income captured by the middle class fell from 62% in 1970 to 43% in 2014.
  • The middle class is shrinking due to an increase in population at the extreme bottom and top of the economic spectrum.
  • The median income in the U.S. was $65,000 in 2020 (regardless of household size).

Pew researchers have loaded up a website with the latest data from 260 metro areas around America. If you live outside of a metro, you can just use your state’s figures. Pew says its calculator lets you compare your income with other adults in your local area and the rest of the country. You may find that you are in the upper-income area of your community but middle income nationwide, or you could be upper income nationally but not upper income if you live in a ritzy area.

Your size-adjusted household income and the cost of living in your area are the factors we use to determine your income tier. Middle-income households – those with an income that is two-thirds to double the U.S. median household income – had incomes ranging from about $48,500 to $145,500 in 2018. Lower-income households had incomes less than $48,500 and upper-income households had incomes greater than $145,500 (all figures computed for three-person households, adjusted for the cost of living in a metropolitan area, and expressed in 2018 dollars).

The following example illustrates how cost-of-living adjustment for a given area was calculated:

  • Jackson, Tennessee, is a relatively inexpensive area, with a price level in 2018 that was 19.0% less than the national average.
  • The San Francisco-Oakland-Hayward metropolitan area in California is one of the most expensive areas, with a price level that was 31.6% higher than the national average.

Thus, to step over the national middle-class threshold of $48,500, a household in Jackson needs an income of only about $39,300, or 19.0% less than the national standard. But a household in the San Francisco area needs a reported income of about $63,800, or 31.6% more than the U.S. norm, to join the middle class.

You can pull back a little wider in your view to see how your income stacks up globally. This is where the data is humbling. Middle income globally is less than $30,000 for a family of four, and you probably are considered to be high income by global standards.

(Pew Research)

Pew says:

As our study defines it, people who are middle income, globally speaking, live on $10.01-$20 a day, which translates to an annual income of about $14,600 to $29,200 for a family of four. The other four income groups are defined as follows: The poor live on $2 or less daily, low income on $2.01-$10, upper-middle income on $20.01-$50, and high income on more than $50. All figures are expressed in 2011 prices and purchasing power parity dollars.

The global data takes 189 countries into consideration.

The Wall Street Journal ran the so-2023 story of how swimmers who take a dip in the cold winter water look down on sensible people who wear wetsuits.

Cold-water immersion is having a moment these days, with growing numbers of fans plunging into low-temperatures to try to feel better. But in San Francisco, the chatter about chilly water goes much deeper than in most places.

It is home to the great wetsuit divide.

In 50-degree water, the first stages of hypothermia can kick in after just 10 minutes, according to John A. Downing, a professor of biology with the University of Minnesota’s Large Lakes Observatory. “Wetsuit shaming. I find that hysterical,” he says. “Why would you shame someone for trying to stay alive?”


Click Here For The Original Source.

National Cyber Security