FBI and CISA Release Joint Cybersecurity Advisory on Royal Ransomware

The Royal ransomware has targeted healthcare and public healthcare, among other critical infrastructure sectors.

By HFT Staff


The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known Royal ransomware IOCs and TTPs identified through FBI threat response activities as recently as January 2023. 

Since approximately September 2022, cyber criminals have compromised U.S. and international organizations with a Royal ransomware variant. FBI and CISA believe this variant, which uses its own custom-made file encryption program, evolved from earlier iterations that used “Zeon” as a loader. After gaining access to victims’ networks, Royal actors disable antivirus software and exfiltrate large amounts of data before ultimately deploying the ransomware and encrypting the systems. Royal actors have made ransom demands ranging from approximately $1 million to $11 million USD in Bitcoin. In observed incidents, Royal actors do not include ransom amounts and payment instructions as part of the initial ransom note. Instead, the note, which appears after encryption, requires victims to directly interact with the threat actor via a “.onion” URL (reachable through the Tor browser). Royal actors have targeted numerous critical infrastructure sectors including, but not limited to, Manufacturing, Communications, Healthcare and Public Healthcare (HPH), and Education. 

FBI and CISA encourage organizations to implement the recommendations in the Mitigations section of this CSA to reduce the likelihood and impact of ransomware incidents. 

Actions to take to mitigate cyber threats from ransomware: 

  • Prioritize remediating known exploited vulnerabilities. 
  • Train users to recognize and report phishing attempts. 
  • Enable and enforce multifactor authentication. 


March 9, 2023


Topic Area: Information Technology , Safety , Security


Recent Posts

The Future of Backup Power Systems in Healthcare Facilities

Manufacturers discuss what trends are shaping the future of backup power systems in healthcare.


Infection Control is Key to Ongoing Measles Outbreak

Infection control is essential to protecting both patients and staff from contracting measles.


Kaiser Permanente to Open New Parker Medical Offices

It also announced it's in the early stages of planning a rebuild and expansion of its Westminster Medical Offices.


Skanska Completes Renovation for New Sutter Health Care Center

The new facility will provide internal medicine, family medicine, pediatrics, as well as lab and imaging services.


Probiotic Cleaners: The Start of a Cleaning Revolution?

Advantages of probiotic cleaning include fewer resistant genes and cost savings through decreased antibiotic use.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.