HomeMalware & ThreatsDaVita suffers ransomware attack

DaVita suffers ransomware attack

Published on

spot_img

DaVita, a prominent player in the kidney dialysis industry, has been the target of a ransomware attack recently. Fortunately, the breach has not impacted patient-related services thus far. However, there is a looming concern that the hackers may choose to release or sell the stolen data, potentially leading to a rise in phishing attacks and identity theft.

As the investigation into the full extent of the ransomware attack on DaVita’s operations continues, it is crucial to delve into the broader evolution of file-encrypting malware and its implications.

Traditionally, ransomware attacks involved encrypting files and demanding a ransom for decryption. However, this model has evolved into what is now known as “double extortion.” In this new scenario, cybercriminals not only encrypt files but also exfiltrate sensitive data upfront. If the victim refuses to pay the ransom, the attackers threaten to sell the stolen data on the dark web.

A recent trend in ransomware attacks involves data extortion without encryption. Instead of encrypting files, some attackers opt to solely steal the data and threaten to sell it on underground markets if their demands are not met. This tactic can be particularly perilous as it does not require decryption and can have immediate repercussions for the victims.

The value of stolen data is determined by the type of information exfiltrated. Health, financial, and personally identifiable information (PII) are highly coveted and can command substantial prices on the dark web, ranging from $1,200 to $5,000 per dataset based on volume and sensitivity. Data sizes, varying from 1GB to 10TB, also influence the price.

To mitigate the risks of falling victim to cyberattacks, organizations must adopt proactive security measures. Best practices include maintaining multiple encrypted backups of critical data, employing multi-factor authentication (MFA) to control access, installing comprehensive endpoint protection software, configuring network firewalls to block unauthorized access attempts, educating employees on cyber threats, and exercising caution while downloading applications and clicking on links.

By implementing these precautions, organizations can fortify their defenses against cybercriminals and lessen the likelihood of succumbing to attacks.Join our LinkedIn group Information Security Community for more insights and updates on cybersecurity.

Source link

Latest articles

ClickFix and Removable Media: Key Malware Delivery Methods

Cybersecurity Trends: The Rise of ClickFix and USB-Based Attacks In the ever-evolving landscape of cybersecurity,...

Ransomware Negotiator Sentenced to 70 Months in Prison for Supporting BlackCat Attacks

Former Ransomware Negotiator Sentenced for Betrayal and Extortion In a significant legal development, a 41-year-old...

New Ransomware Uses Malicious Driver to Bypass Security Protections

Emerging Threat: GodDamn Ransomware Leverages Microsoft-Signed Drivers for Enhanced Evasion Tactics The landscape of ransomware...

Addressing Synthetic Media Challenges to Preserve Trust

The Rising Threat of Synthetic Media: Insights from VerifyLabs.AI Synthetic media, particularly in the form...

More like this

ClickFix and Removable Media: Key Malware Delivery Methods

Cybersecurity Trends: The Rise of ClickFix and USB-Based Attacks In the ever-evolving landscape of cybersecurity,...

Ransomware Negotiator Sentenced to 70 Months in Prison for Supporting BlackCat Attacks

Former Ransomware Negotiator Sentenced for Betrayal and Extortion In a significant legal development, a 41-year-old...

New Ransomware Uses Malicious Driver to Bypass Security Protections

Emerging Threat: GodDamn Ransomware Leverages Microsoft-Signed Drivers for Enhanced Evasion Tactics The landscape of ransomware...