CircleID March 28, 2023
The healthcare industry has had a rough couple of years since the COVID-19 pandemic started. But this didn’t stop threat actors from attacking the sector, with several healthcare organizations targeted by ransomware, data breach, and other cyber attacks.
Early detection and response can help protect medical facilities and systems, starting with identifying indicators of compromise (IoCs)—a critical process detailed by Armis in their Internet of Medical Things (IoMT) Playbook.
Inspired by this, WhoisXML API researchers decided to investigate the IoCs by gleaning data from one of the Federal Bureau of Investigation (FBI) flash reports identified in the playbook. In particular, we analyzed and expanded the list of IoCs related to Cuba ransomware, which targeted private and public healthcare organizations, among...