Black Basta Behind Ransomware Attack on Ascension

May 15, 2024
Health-ISAC warns the healthcare industry against the Russian-speaking threat actor Black Basta.

Current investigations indicate that the Russian-speaking group Black Basta has deployed ransomware onto Ascension. On May 8, the Catholic health system released a news brief that stated it was experiencing a cybersecurity event. On May 9, Ascension confirmed that the organization was hit by a ransomware attack, leading to a diversion for emergency medical services and interruption in services concerning its electronic health records system (EHR), among other tools.

CNN’s Sean Lyngaas reported last Friday, using several sources, that the cyberattack on Ascension was perpetrated by the ransomware group Black Basta, a potential offshoot of Conti.

On May 10, Orlando-based Health-ISAC issued a threat bulletin regarding Black Basta as a significant threat actor to the healthcare industry. Health-ISAC urged all Healthcare and Public Health (HPH) sector entities to follow the recommended actions listed in the bulletin. These actions include infrastructure organizations installing updates for operating systems, software, and firmware, integrating multifactor authentication (MFA), and training users to recognize and report phishing attempts.

“It’s just another demonstration of the need for additional resources to help protect hospitals and healthcare systems globally,” commented Errol Weiss, chief security officer at Health-ISAC. “Typically, with these ransomware actors, they're taking a pretty broad approach in terms of throwing out their net to try to cast a victim,” he added. Of the ransomware cases tracked by Health-ISAC over the last year, about eight percent were in the healthcare sector.

Last year, Healthcare Innovation reported on the threat that the ransomware group Black Basta posed to healthcare organizations. On March 13, 2023, the Health Sector Cybersecurity Coordination Center (HC3) published a threat profile on the group, which was first spotted in 2022.

Meanwhile, a timeline for system restoration at Ascension is still absent. “We are focused on restoring systems safely. We are making progress; however, it will take time to return to normal operations,” an Ascension spokesperson said in a statement earlier this week.

Sponsored Recommendations

Care Access Made Easy: A Guide to Digital Self Service

Embracing digital transformation in healthcare is crucial, and there is no one-size-fits-all strategy. Consider adopting a crawl, walk, run approach to digital projects, enabling...

Powering a Digital Front Door with a Comprehensive Provider Directory

Learn how Geisinger improved provider data accuracy, SEO, and patient acquisition with a comprehensive provider directory.

Data-driven, physician-focused approach to CDI improvement

Organizational profile Sisters of Charity of Leavenworth (SCL) Health* has been providing care since it originated in the 1600s in France as the Daughters of Charity. These religious...

Luminis Health improved quality and financial outcomes with advanced CDI technology and consulting from 3M

In the beginning, there were challengesBefore partnering with 3M Health Information Systems (HIS), Luminis Health’s clinical documentation integrity (CDI) program faced ...