BianLian Ransomware Group Changes Tactics, Targets Healthcare
/ 1 min read
BianLian ransomware group linked to Russia shifts tactics. The FBI and Australian law enforcement have identified the BianLian ransomware group as likely based in Russia, with a focus on extorting companies through stolen data rather than traditional encryption methods. Recent attacks have targeted healthcare organizations, including the Amherstburg Family Health Team in Canada, causing operational disruptions. The group has adapted its strategies since January, utilizing vulnerabilities in Windows and ESXi systems to gain access and create multiple administrator accounts for easier navigation within networks. Ransom notes now threaten to leak stolen data if demands are not met, and the group has employed aggressive tactics, such as printing ransom notes on company printers and directly contacting employees. The rise in ransomware attacks has raised significant concerns regarding cybersecurity and public safety, particularly in healthcare.