North Korea spreading Maui Ransomware

    Maui Ransomware is being spread by state-funded hackers of North Korea and it confirmed this in a joint statement released by the FBI, CISA, and Department of Treasury on a collective note.

    What’s surprising in this finding is that the said file-encrypting malware is being spread since May 2021 and was being targeted mainly at healthcare and public healthcare organizations.

    FBI specified in its statement that the Maui Ransomware group was only interested in stealing and encrypting electronic health records, diagnostic reports, imaging services, and intranet services and has plans to expand the reach to firms involved in manufacturing and production.

    Another interesting point is that the malware is being deployed across networks manually, after which the operators target specific files to encrypt and then demand enormous sums in exchange.

    Installing updates for software and operating systems, regularly testing offline backups, limiting the usage of RDPs when required, educating employees about phishing attacks, and having a ransomware response checklist on hand will help mitigate risks associated with such ransomware incidents and cut down on serious consequences.

    For the past 2-3 years, the federal agencies are advising victims not to pay a ransom to criminals as it encourages crime and doesn’t guarantee a decryption key for sure. At the same, it has issued an advisory to the health care sector on how to deal with the incident and the risks involved in ransomware payments.

    NOTE- Maui means a Polynesian Demigod created from two volcanoes. He was rarely worshiped as he was looked upon as a folk hero. Certain mythological scriptures state Maui had the power to control the sun and lengthen the days and had a magical power to pull fire from the universe and use it for human survival in the underworld.

    Ad
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display