Cerber Ransomware Returns: Targeting Healthcare Industry


Cerber, a type of ransomware that once was the most popular choice for cybercriminals, has returned and is used for targeting health care organizations. In 2020, COVID-19 test technology, healthcare firms have driven digital innovation. However, it is important to note that unprecedented safety flaws also emerged with these advances, which cybercriminals rapidly sought to take advantage of. 

Cerber ransomware is ransomware-as-a-service (RaaS), which means that the attacker authorizes Cerber ransomware over the internet. Cerber has climbed up the category of sophisticated ransomware. In 2017, it was the most powerful ransomware family with 90 percent of all ransomware attacks on Windows systems at one point. Usually, the attacker can adapt and deliver the ransomware while retaining the entire currency, however by setting up Cerber, the developer and partner can send further execute the attack with less effort. 

Usually, ransoms were amounted to a few hundred dollars – a tiny sum relative to today's ransomware strikes that demanded hundreds of thousands or millions for a decryption key, yet Cerber's influence led several victims to settle ransom demands and provide Cerber's creators and affiliates with a lucrative business model. At times cyber attackers also spread ransomware via phishing e-mails or compromised websites. 

The cybersecurity researchers at security company - VMware Carbon Black have identified Cerber as the most common ransomware targeting healthcare as of late. Back in 2020, they found that there were 239.4 million attempted cyberattacks targeting VMware Carbon Black healthcare customers. The average number of attempted attacks in 2020 was 816 on average, a stupefying rise of 9,851 percent from 2019. 

The rise in attacks started in February when the pandemic began to spread globally. The number of attempted attacks rose by 51 percent between January and February when hackers turned their focus to vulnerable healthcare institutions, which witnessed a huge improvement in their way of working and handling patients. 

"Although old malware variants such as Cerber tend to resurface, these are often re-factored to include new tricks, though at the core are still leveraging tried and true techniques," stated Greg Foss, senior cybersecurity strategist at VMware Carbon Black. 

He further added, "All it takes is a quick search on the dark web for someone to license out a ransomware payload to infect targets. Today, it's unfortunately just as easy to sign up for a grocery delivery service as it is to subscribe to ransomware.” 

Unfortunately, hospitals are a frequent target for cyber criminals who spread ransomware because health care is focused on networks that are open to patients. This can also lead to hospitals making fast decisions to pay a ransom request because observably, it is the only way to prevent jeopardizing patients' privacy and to stop hackers from releasing compromised records, which can be very serious threat in healthcare.