The Health Sector Cybersecurity Coordination Center, or HC3, is warning healthcare organizations to be on the lookout for the BlackCat ransomware variant.
Known to be in operation since November 2021, BlackCat has already targeted the healthcare and public health sector and is expected to continue, according to the Dec. 12 HC3 analyst note. It is "part of one of the most sophisticated ransomware-as-a-service operations in the global cybercriminal ecosystem," HC3 said.
BlackCat is believed to be a successor to the REvil, Darkside and BlackMatter ransomware groups and be connected to FIN7, aka Carbon Spider, and FIN12, HC3 said.
The agency said it is one of the more technologically advanced ransomware-as-a-service operations because it was developed in the Rust programming language, has highly customizable features, and uses internally developed capabilities that are constantly upgraded.