June 24, 2024

Russian ransomware group threatens cybersecurity beyond London attack

Editor's Note

Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals for multiple weeks. In addition to publish the information online if it does not receive payment, the group is threatening other attacks.

The same week of those reports, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center this week released an advisory about Qilin. According to that advisory, the ransomware-as-a-service group, formerly known as “Agenda,” was “observed recruiting affiliates in late 2023, and has variants written in Golang and RustQilin is known to gain initial access through spear phishing, as well as leveraging remote monitoring and management and other common tools in cyberattacks. The group is also known to practice double extortion. HC3 said the group’s targeting appears to be opportunistic rather than targeted.”  


Live chat by BoldChat