{"id":6977,"date":"2022-07-06T03:07:15","date_gmt":"2022-07-05T18:07:15","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=6977"},"modified":"2022-08-09T03:09:54","modified_gmt":"2022-08-08T18:09:54","slug":"fbi-releases-advisory-warning-of-the-use-of-the-maui-ransomware-by-north-korean-state-sponsored-threat-actors-to-target-the-healthcare-and-public-health-sector","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/fbi-releases-advisory-warning-of-the-use-of-the-maui-ransomware-by-north-korean-state-sponsored-threat-actors-to-target-the-healthcare-and-public-health-sector\/","title":{"rendered":"FBI releases advisory warning of the use of the Maui ransomware by North Korean state-sponsored threat actors to target the Healthcare and Public Health Sector"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"6977\" class=\"elementor elementor-6977\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7069de6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"7069de6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2b78655\" data-id=\"2b78655\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ed65916 elementor-widget elementor-widget-text-editor\" data-id=\"ed65916\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>On Wednesday 6th of July 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE advisory which revealed that the Maui ransomware has been used by 
North Korean state-sponsored threat actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organisations. The goals of these ransomware attacks are to encrypt servers that are responsible for the healthcare service operations. Some of the targeted services include electronic health records services, diagnostics services, imaging services, and intranet services. The targeting and encryption of these servers have caused disruptions to these services for prolonged periods.<\/p><p>This joint advisory was released in coordination with the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the Treasury to provide key cyber threat information to help security professionals and organisations detect and counter ransomware attack attempts involving the Maui ransomware. The advisory also revealed that the ransomware appears to be designed for manual execution by a remote actor, although the initial access vector for these incidents is still unknown.<\/p><p>In the advisory, the FBI asked for any information related to the incidents involving the Maui ransomware to be shared with them. This information can include \u201cboundary logs showing communication to and from foreign IP addresses, bitcoin wallet information, the decryptor file, and\/or benign samples of encrypted files.\u201d<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>On Wednesday 6th of July 2022, the United States Federal Bureau of Investigation (FBI) released a joint TLP:WHITE advisory which revealed that the Maui ransomware has been used by North Korean state-sponsored threat actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector organisations. 
The goals of these ransomware attacks are to encrypt servers that are<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":6982,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,1],"tags":[],"class_list":["post-6977","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2022\/08\/cyenso15.jpg?fit=1375%2C999&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6977"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=6977"}],"version-history":[{"count":6,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6977\/revisions"}],"predecessor-version":[{"id":6985,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/6977\/revisions\/6985"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/6982"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=6977"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=6977"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=6977"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}