Athens Orthopedic Clinic Confirms Dark Overlord Attack
Data Was Offered for Sale on the Dark Web
A Georgia-based orthopedic clinic has confirmed it’s one of the victims of cyberattacks by a hacker calling himself “The Dark Overlord.” The hacker recently offered for sale on the dark web copies of databases that he claims contain 10 million records stolen from four U.S. healthcare sector organizations.
While healthcare organizations are increasingly battling ransomware attacks, in which hackers demand a ransom to unlock data that they’ve encrypted, threats by cybercriminals to expose stolen data have been a longtime problem, some experts say.
“Before ransomware – holding data hostage was common,” says Tom Walsh, founder of the consulting firm tw-Security. These kinds of attacks will continue “as long as organizations continue to pay the ransom demands,” adds Keith Fricke, principal consultant at tw-Security.
Healthcare entities – as well as their vendors – can take measures to help minimize the risk of having their data stolen. “Remote access, especially for individuals with elevated privileges, should use two-factor authentication. Criminals try to compromise credentials with elevated privileges,” Fricke notes.
“Proactive event log monitoring and alerting is critical. Once criminals gain a foothold in a network, they are there for just over 200 days on average before being detected,” he says. “That provides plenty of time to steal data and demand a ransom for it.”