The FBI, Cybersecurity and Infrastructure Security Agency, Department of Health and Human Services, and the Multi-State Information Sharing and Analysis Center have issued a joint cybersecurity advisory warning organizations of an emerging ransomware variant known as Interlock.
Here are five things to know about the ransomware variant:
Interlock ransomware has been used in attacks on businesses and critical infrastructure across North America and Europe since September 2024, according to a July 22 advisory.
The financially motivated variant uses a “double extortion” tactic — encrypting victims’ data and exfiltrating it to pressure organizations into paying a ransom.
Interlock actors target both Windows and Linux virtual machines and have employed unusual methods to gain initial access, the advisory states.
So far, ransom notes from the group do not include a dollar amount or payment instructions. Instead, victims are given a unique code and directed to contact the attackers via a Tor-based .onion website.
Federal investigators have observed similarities between Interlock and another ransomware family, Rhysida, according to open-source reports. However, the extent of their relationship is unclear.
The post Feds warn healthcare of Interlock ransomware threat appeared first on Becker’s Hospital Review | Healthcare News & Analysis.
Health IT
