HC3 releases threat profile on Qilin ransomware targeting global healthcare, other critical sectors

The Health Sector Cybersecurity Coordination Center of the U.S. Department of Health and Human Services has released a threat profile for Qilin ransomware. The ransomware has been targeting healthcare organizations globally since 2022 and is likely of Russian origin. The report highlights the ransomware’s methods, including spear phishing and the use of Remote Monitoring and Management tools, and its attempts at double extortion, threatening to leak sensitive data if ransoms are not paid. The group has targeted various industries, with healthcare victims accounting for approximately 7%.