Ransomware is not slowing down. Bad guys have seen the gain in this attack technique, and they are highly motivated to keep using it.
CISA (Cybersecurity and Infrastructure Security Agency), the FBI and HHS (Health and Human Services) in the USA have issued a ransomware warning about the Daixin Team for the healthcare sector.
Daixin Team attackers have been linked to multiple health sector ransomware incidents since (at least) June 2022.
"U.S. health organizations are advised to take the following measures to defend against Daixin Team's attacks:
- Install updates for operating systems, software, and firmware as soon as they are released.
- Enable phishing-resistant MFA for as many services as possible.
- Train employees to recognize and report phishing attempts."
https://www.bleepingcomputer.com/news/security/us-govt-warns-of-daixin-team-targeting-health-orgs-with-ransomware/
"'The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022,' the advisory revealed.
Since June, Daixin Team attackers have been linked to multiple health sector ransomware incidents where they've encrypted systems used for many healthcare services, including electronic health records storage, diagnostics, imaging services, and intranet services."
"The ransomware gang gains access to targets' networks by exploiting known vulnerabilities in the organizations' VPN servers or with the help of compromised VPN credentials belonging to accounts with multi-factor authentication (MFA) toggled off."