HHS Alerts Healthcare Organizations to 'Qilin' Ransomware Group

Qilin is known to employ tactics such as spear phishing and double extortion.

By Jeff Wardon, Jr., Assistant Editor


The United States Department of Health and Human Services (HHS) has sounded the alarm over the Qilin (also known as Agenda) ransomware-as-a-service (RaaS) offering, which has been in operation since 2022. This group is known for gaining initial access through “spear phishing,” a type of phishing that directly targets a specific person or organization, typically through emails. They are also known for resorting to double extortion, where ransom payments are demanded from victims to prevent data being leaked.  

Ransomware remains a threat to the healthcare and public health sector, as they reportedly filed 249 ransomware-related complaints to the FBI in 2023.  

Given recent ransomware attacks on healthcare organizations such as Ascension, the threat of being victimized by an attack is real and troubling. This is because ransomware attacks can lead to sizeable costs and private data being lost.  

For example, CommonSpirit Health reported a total loss of $160 million for the ransomware attack they suffered in 2022. They also had 624,000 patients’ data stolen from them in that attack.  

However, healthcare organizations can act to protect themselves from and even prevent ransomware attacks. The Center for Internet Security recommends the following steps to limit the impacts of ransomware attacks:  

  1. Regularly maintain backups of data 
  2. Develop procedures and policies 
  3. Review the port settings, consider whether they need to be left open or not 
  4. Configure systems with security in mind 
  5. Regularly update systems  
  6. Train the team to be cybersecurity-oriented 
  7. Put in place an Intrusion Detection System (IDS), which can help look for malicious activity within an organization’s network 

Jeff Wardon, Jr. is the assistant editor for the facilities market. 



June 27, 2024


Topic Area: Information Technology , Security


Recent Posts

Site Selection Mistakes: What Not To Do

Healthcare providers that treat site selection as a strategic decision, not a simple real estate deal, will be positioned for long-term success.


High-Performance EFCO Systems Shape MUSC's New Black River Medical Center

Case study: A sweeping curved-glass entrance, impact-resistant envelope and energy-efficient fenestration support a sustainable, resilient design for one of South Carolina’s newest rural hospitals.


Heritage Valley Health System to Officially Affiliate with Alleghany Health Network

With the affiliation now complete, Heritage Valley Beaver and Heritage Valley Sewickley will be rebranded.


The Impact of Acoustics on Patient Privacy

As healthcare facilities evolve toward more open and flexible care environments, acoustic privacy has become essential.


Texas Behavioral Health Center in Dallas Opens with Ribon-Cutting Ceremony

The 456,265-square-foot facility offers a variety of therapeutic, recreational and social spaces that prepare patients for life outside the hospital.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.