The US is offering $10 million to help catch the Change Healthcare hackers
The US government has said it is extending its reward for information on key leadership of the ALPHV/BlackCat cybercrime gang to its members, one of whom last month claimed responsibility for a large ransomware attack on a US health technology giant.
In a press release on Wednesday, the U.S. Department of State said it would offer a reward of up to $10 million for information identifying or locating any person related to ALPHV/BlackCat, including “its affiliates, activities or connections with a foreign government.”
ALPHV/BlackCat is a Russian ransomware-as-a-service operation that recruits partners (effectively contractors who receive a commission for carrying out ransomware attacks) and takes a cut of the ransom paid by the victim. Although security researchers haven’t yet discovered a link between ALPHV/BlackCat and a foreign government, the State Department suggested in its press release that the gang could also be “operating under the direction or control of a foreign government,” such as Russia.
The State Department blames this prolific ransomware group for targeting critical infrastructure in the US, including health care services.
Last month, a group affiliated with the ALPHV/BlackCat gang claimed responsibility for a cyberattack and a week-long outage at US medical technology giant Change Healthcare, which processes the medical records of 1 in 3 US patients. The cyberattack cut the U.S. health care system off from much of its access to patient records and billing information, causing massive outages and weeks of delays in medications, prescriptions and surgical authorizations.
The affiliated group went public after accusing the main ALPHV/BlackCat gang of defrauding contract hackers of a $22 million ransom that Change Healthcare allegedly paid to prevent massive leaks of patient records.
The group stated that ALPHV/BlackCat conducted an “exit scam,” in which the hackers made off with the money to avoid paying their affiliates and kept the stolen funds for themselves.
Despite losing its part of the ransom, the affiliate group claimed it still had access to an enormous amount of stolen sensitive patient data.
Change Healthcare has since said it has kicked the hackers off its network and restored most of its systems. US medical insurance giant UnitedHealth Group, the parent company of Change Healthcare, has not yet confirmed whether any patient data has been stolen.