The Cybersecurity and Infrastructure Security Agency, the FBI and HHS issued a joint warning Oct. 21 about ransomware group Daixin Team, which is targeting U.S. healthcare and public health organizations.
Five things to know about the group:
- The Daixin Team is a ransomware and data extortion group that has been active since at least June.
- The group targets the public health sector with ransomware operations aimed at exfiltrating personal identifiable information and patient health information.
- The group threatens to release stolen data if a ransom is not paid.
- The Daixin Team group gains access to victims through virtual private network servers.
- To mitigate ransomware attacks, the alert recommends healthcare organizations install updates for operating systems, software and firmware as soon as they are released. The agencies also recommend implementing and enforcing multilayer network segmentation with the most critical communications and data.