It is believed the ongoing cyber attack on US health tech giant Change Healthcare is the work of the ‘Blackcat’ ransomware gang.
The targeted hit has caused significant disruption to the health system in recent days with hospitals and pharmacies impacted, as reported by Reuters.
Owned by parent company UnitedHealth, Change operates a major health payment system, connecting care providers and patients across the states. Headquartered in Nashville, Tennessee, the company posted revenues of almost $3.5 billion in 2022.
Last week, hackers obtained access to Change Healthcare’s IT infrastructure with immediate knock-on effects at pharmacies to the detriment of of patients.
Whilst there was no immediate comment from UnitedHealth or Blackcat (also known as ALPHV) in the aftermath of the breach, Reuters has now briefed on the latter’s responsibility for the attack.
Inevitable outcome
This latest development comes after the parent company of Change Healthcare attributed an earlier incident to a “suspected nation-state associated cybersecurity threat actor,” but an industry expert has played down that line of enquiry.
“I am not aware of any links between ALPHV and a nation state,” said Brett Callow, a threat analyst at the cybersecurity firm Emsisoft. “As far as I am aware they are financially motivated cybercriminals and nothing more.”
In December, Blackcat was the target of an international law enforcement response led by US authorities to take down its websites and digital assets, with a relative degree of success. In response, the cyber criminals threatened to retaliate by going after critical infrastructure concerning hospitals and providers.
On this outcome, Callow added law enforcement activity was important but unlikely to completely eradicate the problem.
“It’s inevitable that if you have a group that’s making millions of bucks, they are going to attempt to make a comeback,” he said.
Blackcat is an infamous ransomware gang, one of the most prolific groups of online attackers which has previously targeted the likes of MGM Resorts International and Caesars International.
Image: Tima Miroshnichenko/Pexels