Estonian Free PressEstonian Free Press
  • National Security
    • United States
    • United Kingdom
    • Europe
    • Estonia
    • Latvia
    • Lithuania
    • Moldova
    • Poland
    • Russia
    • Ukraine
  • Counterterrorism
  • Cybersecurity
  • Intelligence

Subscribe to Updates

Get the latest National Security News directly to your inbox.

What's Hot

Вже зараз потрібна принципова відповідь міжнародної спільноти на російські удари по Запорізькій АЕС – звернення Президента України

August 7, 2022

Beitnere-Le Galla pieņēmusi lēmumu nekandidēt Saeimas vēlēšanās ģimenes apstākļu dēļ

August 7, 2022

Unde activează fostul vicepremier pe Reintegrare, Vladislav Kulminski

August 7, 2022
Facebook Twitter Instagram
  • Privacy Policy
  • Terms and Conditions
  • Contact
Sunday, August 7
Estonian Free PressEstonian Free Press
  • National Security
    • United States
    • United Kingdom
    • Europe
    • Estonia
    • Latvia
    • Lithuania
    • Moldova
    • Poland
    • Russia
    • Ukraine
  • Counterterrorism
  • Cybersecurity
  • Intelligence
en English
en Englishet Estonianlv Latvianlt Lithuanianpl Polishro Romanianru Russianuk Ukrainian
Trending
  • Вже зараз потрібна принципова відповідь міжнародної спільноти на російські удари по Запорізькій АЕС – звернення Президента України
  • Beitnere-Le Galla pieņēmusi lēmumu nekandidēt Saeimas vēlēšanās ģimenes apstākļu dēļ
  • Unde activează fostul vicepremier pe Reintegrare, Vladislav Kulminski
  • Thatcher’s energy secretary says Tory leadership contenders’ response to price spike ‘inadequate’
  • Negotiators optimistic about progress on Iran nuclear deal
  • Jos sau nu guvernarea? Expert: Vom vedea situația când vor fi proteste
  • Ce cadouri a primit prim-ministra de la diferiți oficiali
  • Beijing continuing to send warships, aircraft toward Taiwan after Pelosi visit
Subscribe
Facebook Twitter Instagram
Estonian Free PressEstonian Free Press
Home » CISA, FBI and Treasury Release Advisory on North Korean State-Sponsored Cyber Actors Use of Maui Ransomware

CISA, FBI and Treasury Release Advisory on North Korean State-Sponsored Cyber Actors Use of Maui Ransomware

July 6, 20223 Mins Read Cybersecurity
Share
Facebook Twitter LinkedIn Pinterest Email

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of the Treasury (Treasury) today released a joint Cybersecurity Advisory (CSA) that provides information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organizations.

The CSA titled, “North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector,” provides technical details and indicators of compromise (IOC) observed during multiple FBI incident response activities over a period of more than a year and obtained from industry analysis of Maui samples. North Korean state-sponsored actors were observed using Maui ransomware to encrypt HPH servers responsible for providing healthcare services. In some cases, the malicious activity disrupted the services provided by the victim for prolonged periods.

“As the nation’s cyber defense agency, our team works tirelessly in collaboration with partners to publish timely information that can help organizations prevent and build resilience against all cyber threats,” said CISA’s Executive Assistant Director for Cybersecurity, Eric Goldstein. “Today’s advisory comes out of our strong partnership with the FBI and Treasury. This malicious activity by North Korean state-sponsored cyber actors against the healthcare and public health sector poses a significant risk to organizations of all sizes.”

“The FBI, along with our federal partners, remains vigilant in the fight against North Korea’s malicious cyber threats to our healthcare sector,” said FBI Cyber Division Assistant Director Bryan Vorndran. “We are committed to sharing information and mitigation tactics with our private sector partners to assist them in shoring up their defenses and protecting their systems.”

“Ransomware victimizes people and businesses, large and small, across America. Treasury has worked closely with CISA and FBI to counter ransomware and protect financial sector critical infrastructure,” said Rahul Prabhakar, Treasury Deputy Assistant Secretary for Cybersecurity and Critical Infrastructure Protection. “This joint advisory on Maui ransomware provides guidance that organizations of all sizes across the country can use to help defend themselves. We will continue to work closely with our partners to push out actionable information on ransomware and other malicious activity as quickly as possible to help individuals and businesses guard against ever-evolving cyber threats.”

The HPH Sector, as well as other critical infrastructure organizations, are urged to review this joint CSA and apply the recommended mitigations to reduce the likelihood of compromise from ransomware operations. The FBI, CISA, and Treasury assess that North Korean state-sponsored actors are likely to continue targeting HPH Sector organizations, because of the assumption that these organizations are willing to pay ransoms to avoid disruption of the critical life and health services they provide. For more information on state-sponsored North Korean malicious cyber activity, see CISA’s North Korea Cyber Threat Overview and Advisories webpage.

The FBI, CISA, and Treasury strongly discourage paying ransoms as doing so does not guarantee files and records will be recovered and may pose sanctions risks. In September 2021, Treasury issued an advisory highlighting the sanctions risk associated with ransomware payments and providing steps that can be taken by companies to mitigate the risk of being a victim of ransomware.

All organizations should share information on cybersecurity incidents and anomalous activity to CISA 24/7 Operations Center at [email protected] or (888) 282-0870 and/or to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or [email protected]

Read more at CISA

Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email

Articles Liés

U.K. National Health Service Hit by Cyber Attack

August 6, 2022 Cybersecurity

IPAWS Advisory: Emergency Alert System (EAS) Vulnerability

August 5, 2022 Cybersecurity

GAO Warns Coast Guard of IT and OT Cybersecurity Vulnerabilities

August 5, 2022 Cybersecurity

TMF Invests in Improving Public-Facing Services, Bolstering Cybersecurity

August 4, 2022 Cybersecurity

Bipartisan Legislation Aims to Protect Federal Data Centers from Extreme Weather, Cyber Attacks, and Other Disasters

August 2, 2022 Cybersecurity

HSToday Welcomes Bob Kolasky, Former Head of DHS National Risk Management Center, as Editorial Board Member and Columnist

August 1, 2022 Cybersecurity
Don't Miss
Latvia

Beitnere-Le Galla pieņēmusi lēmumu nekandidēt Saeimas vēlēšanās ģimenes apstākļu dēļ

By woe whAugust 7, 20220

“Konservatīvo” frakcijas deputāte Dagmāra Beitnere-Le Galla pieņēmusi lēmumu nekandidēt 14.Saeimas vēlēšanās vīra veselības dēļ, sarunā…

Unde activează fostul vicepremier pe Reintegrare, Vladislav Kulminski

August 7, 2022

Thatcher’s energy secretary says Tory leadership contenders’ response to price spike ‘inadequate’

August 7, 2022

Negotiators optimistic about progress on Iran nuclear deal

August 7, 2022
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Our Picks

Ce cadouri a primit prim-ministra de la diferiți oficiali

August 7, 2022

Beijing continuing to send warships, aircraft toward Taiwan after Pelosi visit

August 7, 2022

Most Americans think the U.S. economy is getting worse: poll

August 7, 2022

Thousands of infected blood victims to receive £100,000 compensation

August 7, 2022

Subscribe to Updates

Get the latest National Security News directly to your inbox.

© 2022 Estonian Free Press. All rights reserved.
  • Privacy Policy
  • Terms and Conditions
  • Contact

Type above and press Enter to search. Press Esc to cancel.