The U.S. government said it is extending its reward for information on key leadership of the ALPHV/BlackCat cybercrime gang to its affiliate members, one of which last month took credit for a massive ransomware attack on a U.S. health tech giant.
In a statement Wednesday, the U.S. State Department said it will offer a reward of up to $10 million for information that identifies or locates any person associated with ALPHV/BlackCat, including “their affiliates, activities, or links to a foreign government.”
The Russia-based ALPHV/BlackCat is a ransomware-as-a-service operation, which recruits affiliates (effectively contractors who earn a commission for launching ransomware attacks) and takes a cut of whatever ransom demand the victim pays. Although security researchers haven’t yet drawn a connection between ALPHV/BlackCat and a foreign government, the State Department implied in its statement that the gang may be “acting at the direction or under the control of a foreign government,” such as Russia.
The State Department blamed the prolific ransomware group for targeting U.S. critical infrastructure, including healthcare services.
Last month, an affiliate group of the ALPHV/BlackCat gang took credit for a cyberattack and weeks-long outage at U.S. health tech giant Change Healthcare, which processes around one-in-three U.S. patient medical records. The cyberattack knocked out much of the U.S. healthcare system’s access to patient records and billing information, causing massive outages and delays in fulfilling medications and prescriptions and surgical authorizations for weeks.
The affiliate group went public after accusing the main ALPHV/BlackCat gang of swindling the contract hackers out of $22 million in ransom that Change Healthcare allegedly paid to prevent the mass leak of patient records.
The group said ALPHV/BlackCat carried out an “exit scam,” where the hackers run off with their fortune to avoid paying their affiliates and keep the stolen funds for themselves.
Despite having lost their cut of the ransom demand, the affiliate group claimed to still have access to a huge amount of stolen sensitive patient data.
Change Healthcare has said since that it ejected the hackers from its network and restored much of its systems. U.S. health insurance giant UnitedHealth Group, the parent company of Change Healthcare, has not yet confirmed if any patient data was stolen.