A recent new strain of the Locky ransomware is targeting the healthcare industry, according to cyber security vendor FireEye Labs.
The attacks also are hitting the telecom, transportation, manufacturing, service provider and aerospace/defense sectors severely, but nowhere near the degree that healthcare is being attacked.
In particular, attacks against healthcare and other industries, with high similarity, were especially pronounced on August 9, 11 and 15, according to FireEye.
Among other traits in this style of attack, each email campaign has a specific “one-off” campaign code used to download the ransomware from a malicious server, and the malicious URL embedded with macro code is encoded using the same encoding function but with a different key for each campaign, the vendor says. An accompanying report, available here, shows the network patterns of the August attacks.
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access