On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations.
According to the Alert, the cybercriminals behind NoEscape “have constructed their malware and its associated infrastructure entirely from scratch.” Offering Ransomware-as-a-Service, they have targeted multiple industries, including the healthcare and public health sectors.
It is executed through other malware, or a file downloaded by users “while visiting suspicious websites.” Once executed, the threat actor leaves a ransom note on the victim’s computer and provides an ID for the victim to log into the threat actor’s Tor payment site.
The Alert provides a section on defense and mitigations “for protecting against NoEscape Ransomware and mitigating the impact of a successful attack.”