A known black hat hacker collective is currently ransoming 500GB of internal documents, including intellectual property belonging to one of the 50 Top Sellers on Amazon, via a Remote Desktop Protocol (RDP). This group is infamous for hacking healthcare systems in the U.S. and other corporate institutions - then selling the data. This information is being supplied for your situational awareness.
- Recent, successful black hat hackers.
- Active in hacking institutions, focusing on the U.S. healthcare industry.
- Company belonging to the 50 Top Sellers on Amazon has been the most recent victim.
Publication date: 19 November 2016
Handling requirements: Traffic light protocol (TLP) GREEN
Attribution/Threat Actors: Black Hat Hacker Collective
Actor Type: Adversary capabilities have been assessed as Tier III*
Potential Targets: U.S. Healthcare industry, other industries
Past Reporting: DOC-4055, DOC-4203
