On August 29, 2022 the Health Sector Cybersecurity Coordination Center (HC3) released a Threat Profile on Evil Corp, a cybercriminal gang that has been exceptionally aggressive and capable in their more than decade of global hacking operations. They are one of the most capable cybercriminal syndicates in the world and are based out of Russia and have been operational since 2009. Evil Corp, also known as UNC2165, GOLD DRAKE and Indrik Spider, is responsible for the development and operations of several of the most powerful malware and ransomware variants, and maintain strong relationships not just with other powerful cybercriminal gangs, but also the Russian government. The U.S. federal government has indicted members of their gang and has an active bounty offered for information on their leadership. Evil Corp has been observed modifying their activities to circumvent U.S. federal government actions to stop them. Read the Threat Profile which also provides advice to improve network defense. Protect Your Organization from Cyber Threats Healthcare continues to be one of the top industries targeted by cyber-attacks. Organizations of all sizes, small, medium, and large, continue to fall victim to attacks that directly affect patient safety. C-Suite Executives, Directors, Managers and Supervisors should set the example for workforce members by investing time and staying vigilant when it comes to securing privacy and security of protect health information. 405(d) Task Group’s Current Five Threats: - Attacks against connected medical devices - Insider, accidental or intentional data loss - Loss or theft of equipment or data - Ransomware - Social engineering |