Joint Advisory Outlines Attacks by Daixin Team

The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health (HPH) sectors, of the ransomware and data extortion operations by the Daixin Team.

The Advisory is designed to provide information to organizations to help prevent ransomware attacks. According to the Advisory:

The Daixin Team is a ransomware and data extortion group that has targeted the HPH Sector with ransomware and data extortion operations since at least June 2022. Since then, Daixin Team cybercrime actors have caused ransomware incidents at multiple HPH Sector organizations where they have:

The criminals gain access to victim’s systems through virtual private network servers by exploiting unpatched vulnerabilities or using previously-compromised credentials (obtained with phishing emails) to access VPN servers that do not have multifactor authentication enabled. The Advisory lists the indicators of compromise and mitigation steps that organizations can take to protect against Daixin. If your organization is included in the HPH sectors, prompt attention to the Advisory is warranted.

Copyright © 2024 Robinson & Cole LLP. All rights reserved.
National Law Review, Volumess XII, Number 307