Tech & Innovation in Healthcare

Industry Notes:

Watch out for Royal Ransomware, Warns FBI and CISA

Published on Mon Apr 03, 2023

On March 2, 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) regarding Royal ransomware. The agencies warn that malicious threat actors have used a Royal ransomware variant to compromise U.S. and international organizations since approximately September 2023.

Royal threat actors have demanded ransom payments ranging from $1 million to $11 million in Bitcoin. However, “[i] n observed incidents, Royal actors do not include ransom amounts and payment instructions as part of the initial ransom note,” the advisory reads. Instead, after the victim organization’s data is encrypted, a note appears requiring the victims to “directly interact with the threat actor” via a URL.

The FBI and CISA believe the ransomware variant has evolved from earlier versions that used “Zeon” as a loader. According to the CSA, this Royal ransomware variant “uses its own custom-made file encryption program.” Once the threat actors gain access to the victims’ networks, the threat actors disable antivirus software, transfer large amounts of data, and then unleash the ransomware and encrypt the victims’ systems. The agencies have found that Royal actors have targeted several organizations in critical infrastructure sectors, including Healthcare and Public Health (HPH).

To help reduce the risk and impact of ransomware events, the FBI and CISA encourage organizations to implement several mitigation measures. These measures include, but are not limited to:

Put a recovery plan into effect.
Make sure all accounts with passwords comply with National Institute for Standards and Technology (NIST) standards.
Enact multifactor authentication (MFA).
Update all firmware, software, and operating systems.
Maintain offline data backups.
Ensure backed up data is encrypted and immutable.

Additionally, if your organization does become a victim of ransomware, the agencies don’t encourage paying the ransom, “as payment does not guarantee victim files will be recovered.”

Tech & Innovation in Healthcare

Artificial Intelligence:
Add AI to Your Revenue Cycle to Proactively Prevent Denials
Give AI simple coding cases during staffing shortages. Artificial intelligence (AI) has been in development [...]

Biotechnology:
Grow New Organs Inside the Body With Donated Cells
Learn how one liver could help 75 patients. The liver possesses an incredible ability to [...]

Post-PHE Practices:
Know What RPM and Telehealth Changes Await After the PHE Ends
Good news: You’ll have until December to make some adjustments. The COVID-19 pandemic and public [...]

Industry Notes:
Online Mental Health Platform May Have Disclosed PHI
More than 3 million patients of the online virtual mental health platform Cerebral might have [...]

Reader Questions:
Deliver the Right Care to Your Neurodivergent Patients
Question: Our practice has several patients who are diagnosed with autism, ADHD, or Tourette syndrome. At [...]

Reader Questions:
Achievement Unlocked: Better Medication Compliance
Question: As a physician and a video game enthusiast, I love the idea of gamification to [...]

Reader Questions:
Learn How You’ll Report VR as DME
Question: I’ve been fascinated by your coverage of VR in Tech & Innovation in Healthcare. >Have there been [...]

Industry Notes:
Watch out for Royal Ransomware, Warns FBI and CISA
On March 2, 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security [...]

View All