The FBI, CISA and U.S. Department of the Treasury have issued a joint advisory warning of alleged North-Korean-backed threat actors using Maui ransomware in attacks against healthcare and public health (HPH) organizations.
Maui ransomware is an encryption binary and is designed for manual execution by a remote actor. It doesn't leave a ransom note on encrypted systems. The threat actors use a command-line interface to interact with the Maui from afar, and to identify files to encrypt. These might include electronic health records services, diagnostics services, imaging services and intranet services.
The agencies believe these attacks will continue because the attackers will assume that organizations like these will be forced to pay up every time. Paying a ransom demand does not guarantee you will get your data back, nor does it free you from recovery costs, and those who do pay may be marked as a target for repeat attacks.
Acronis Cyber Protect Cloud detects and blocks ransomware with its included Active Protection, while the efficient backup and disaster recovery capabilities get you back up and running quickly in the event of system compromise.
Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 18,000 service providers to protect over 750,000 businesses.