Adrian Johnson
TLDR:
- Russia-linked Black Basta ransomware group brought down Ascension IT systems, affecting clinical operations.
- Black Basta is known for double extortion attacks, exfiltrating data and operating a cybercrime marketplace.
In a recent report, it was revealed that the Russia-linked ransomware group Black Basta was responsible for a cyberattack that affected clinical operations at the Ascension health system in St. Louis. The nonprofit group Health-ISAC issued an alert about Black Basta, stating that the group has been accelerating attacks against the healthcare sector.
The U.S. Department of Health and Human Services had previously issued an alert about Black Basta in March 2023, noting the group’s double extortion attack method. Black Basta not only deploys ransomware but also exfiltrates sensitive data, threatening to release it unless a ransom is paid.
According to reports, Black Basta has earned over $100 million through ransomware schemes targeting 329 organizations in less than two years. Previous victims of its attacks include Dish Network, the American Dental Association, Capita, and ABB.
Ascension, a Catholic health system with 140 hospitals, detected unusual activity on its technology network systems and experienced a data breach. As a result, its electronic health records system was unavailable, and some non-emergency procedures were paused as a precaution.
The health system is working with Mandiant and other advisors to investigate, contain, and restore its systems. However, there is currently no timeline for system restoration.
