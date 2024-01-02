New York Hospitals Take Legal Action Against LockBit Ransomware Attack

Two not-for-profit hospitals in New York, Carthage Area Hospital and Claxton-Hepburn Medical Center, have initiated legal proceedings to retrieve stolen data after falling victim to ransomware attacks orchestrated by the notorious LockBit gang. The hospitals, which are integral parts of the North Star Health Alliance that serves 220,000 people, found their data on cloud storage servers managed by Wasabi Technologies.

Fighting Back Against Cybercrime

Wasabi has been cooperative, providing the FBI with copies of the data. However, the hospitals are now seeking a court order to acquire the stolen data to ascertain the extent of the information that was compromised. LockBit, infamous for its attacks on healthcare facilities in the US and Europe, has caused significant disruptions in patient care. The ransomware-as-a-service operation has been active since 2019 and, since 2020, is estimated to have extorted at least $91 million from US organizations.

Healthcare Under Siege

The CEO of North Star Health Alliance, Richard Duvall, has underscored the criticality of retrieving the data to comprehend the full scope of the data breach. This incident underscores the persistent cybersecurity challenges confronting healthcare providers and the intricate legal issues surrounding data breaches.

LockBit’s Reign of Terror

LockBit, which surfaced in 2019, has launched versions 2.0 and 3.0 of its ransomware in 2021 and 2022, respectively. Operating on a global ransomware-as-a-service (RaaS) model, it primarily targets multinational companies. Despite some setbacks, such as the leak of LockBit Black’s builder online, the group remains a potent threat. In November 2023, LockBit led the pack with 108 victims, mostly targeting the Manufacturing sector and the USA.

The situation is a grim reminder of the escalating cyber threats across various industries and the alarming rise in global cybersecurity threats compared to data from 2022. It also draws attention to new variants of ransomware, such as DJVU, Phobos, BlackCat, and Cerber, and the exposure of prolific threat actor Farnetwork for Ransomware as a Service operations.