A large Snake ransomware campaign has targeted healthcare companies worldwide. One of the victims include Fresenius, Europe’s largest private hospital operator and leading healthcare company based out of Germany.
According to reports by Brian Krebs and Bleeping Computer, the attackers used Snake Ransomware to infect numerous Fresenius technology systems across the globe.
Fresenius is a global healthcare group that consists of four major operating entities that offer products and services for dialysis, hospitals, and outpatient treatment. The company also employees nearly 300,000 employees in over 100 countries.
A spokesperson from Fresenius shared with Brian Krebs that the company was struggling with a “computer virus outbreak” and was taking steps “to prevent further spread.”
The attack also comes shortly after the U.S. Department of Homeland Security (DHS) and UK’s National Cyber Security Centre (NCSC) issued a joint alert of threat groups exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations.
“APT actors are actively targeting organizations involved in both national and international COVID-19 responses. These organizations include healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments,” DHS warned in the advisory.
In addition, CISA and NCSC confirmed they were investigating multiple cybersecurity incidents related to the same cyber activity.
Lawrence Abrams of BleepingComputer also wrote that the Fresenius cyber attack was part of larger ransomware campaign.
Abrams further added that “Snake now claims to steal unencrypted files before encrypting computers on a network.”
Earlier this year, security experts warned cybercriminals used another variation of Snake (also known as Ekans) to launch ransomware attacks against industrial control systems (ICS).
- Ekans ransomware targets industrial control systems
- Ransomware attack impacts pipeline operations
- Mailto ransomware threat and mitigation guidance
- WannaCry, Petya and Copycat Ransomware Expose Good History Lessons for Small Business and Enterprise Security
- Travelex hit with major ransomware attack
- Attackers abuse ConnectWise Control software to deliver Zeppelin ransomware