Ascension Systems Crumbled Under Black Basta Ransomware Attack, Says Report

May 11, 2024
1 min read


TLDR:

  • Russia-linked Black Basta ransomware group brought down Ascension IT systems, affecting clinical operations.
  • Black Basta is known for double extortion attacks, exfiltrating data and operating a cybercrime marketplace.

In a recent report, it was revealed that the Russia-linked ransomware group Black Basta was responsible for a cyberattack that affected clinical operations at the Ascension health system in St. Louis. The nonprofit group Health-ISAC issued an alert about Black Basta, stating that the group has been accelerating attacks against the healthcare sector.

The U.S. Department of Health and Human Services had previously issued an alert about Black Basta in March 2023, noting the group’s double extortion attack method. Black Basta not only deploys ransomware but also exfiltrates sensitive data, threatening to release it unless a ransom is paid.

According to reports, Black Basta has earned over $100 million through ransomware schemes targeting 329 organizations in less than two years. Previous victims of its attacks include Dish Network, the American Dental Association, Capita, and ABB.

Ascension, a Catholic health system with 140 hospitals, detected unusual activity on its technology network systems and experienced a data breach. As a result, its electronic health records system was unavailable, and some non-emergency procedures were paused as a precaution.

The health system is working with Mandiant and other advisors to investigate, contain, and restore its systems. However, there is currently no timeline for system restoration.


Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and