The HHS released a warning Dec. 7 about a human-operated ransomware group known as Royal that is increasingly becoming a threat to the healthcare sector.
Six things to know about Royal, according to the HHS:
- Royal-based attacks have steadily increased in appearance over the last three months, with ransom demands ranging from $250,000 to more than $2 million.
- Royal ransomware emerged in September and the group appears to operate as a private group with no known affiliates.
- Since the group's emergence, the HHS has observed that it has compromised healthcare entities.
- Royal is financially motivated and has been exfiltrating sensitive data.
- The group uses Cobalt Strike tactics to harvest credentials from victims' networks.
- The HHS warned that the Royal ransomware tactic is spreading.