Latest [r Blogs
Our world and work are powered by data. To make use of that data, each of us is reliant on technology, from the computers where we answer emails to the phones we keep in our pockets. However, as our reliance on (and the complexity of!) these systems and data increase, our risks grow with them. Confidentiality, integrity, and accessibility of data are essential to the success of a company, yet many firms simply do not have the resources necessary.
Today, businesses face more sophisticated cybersecurity threats than ever before. And security incidents don’t just affect the big businesses you hear about in the news. Every type of business is at risk: from professional services firms to healthcare providers. As attacks proliferate, many businesses are seeking the support of a Managed Security Service Provider (MSSP). These external security providers are responsible for maintaining the security of their clients’ systems and networks.
On 04 October 2022 CommonSpirit Health announced a cyberattack affecting its system of healthcare facilities. CommonSpirit Health operates more than 1,000 care sites and 140 hospitals in 21 states, including CHI (Catholic Health Initiatives) Health and MercyOne facilities in Iowa. CommonSpirit reported on their website that the attack affected their electronic medical record (EMR) and CHI Health and MercyOne have notified their patients that patient portals, electronic prescriptions, and scheduling have been affected, with some procedures delayed.
Overview Earlier this year, [redacted] encountered a relatively new ransomware threat actor that called themselves BianLian. We observed the actor deploying custom malware that was written in the Go programming language, which posed some initial, but not insurmountable, reverse-engineering challenges. BianLian used subtle techniques to exploit, enumerate, and move laterally in victim networks to remain undetected and aggressively worked to counter Endpoint Detection & Response (EDR) protections during the encryption phase of their operations.