The Daixin Team Cybercrime Group Hits Health Organizations With Ransomware, US Agencies Warn

By kamran | At October 28, 2022


US government agencies are warning healthcare organizations about a cybercrime group targeting them with ransomware.

The Department of Health and Human Services (HHS), the FBI, and CISA found that a powerful cybercrime group known as Daixin Team is mainly targeting healthcare businesses in the United States and planning to hit them with ransomware.

Daixin Team is a relatively new data extortion and ransomware group that mainly targets the health sector, steals personal and patient health information, and threatens to leak the data if a ransom is not paid.

The group stages its attacks through VPN servers and uses phishing along with techniques such as credential dumping and pass the hash before demanding a ransom. Once the threat actors get into a target's VPN server through even the smallest vulnerability, they have access to all the personal information and data.

The federal agencies recognized the potential attacks and immediately warned the public and health sector businesses by releasing an alert, which states:

“The actors have leveraged privileged accounts to gain access to VMware vCenter Server and reset account passwords [T1098] for ESXi servers in the environment. The actors have then used SSH to connect to accessible ESXi servers and deploy ransomware [T1486] on those servers.” 

Moreover, the alert was also full of instructions for protective measures businesses should take to prevent attacks from the Daixin Team. 

Here is a complete list of instructions mentioned in the alert. 

  • Always keep your software, firmware, and operating systems up to date. 
  • Phishing-resistant MFA should protect all services like VPNs, webmail, and servers containing sensitive data.
  • Protect and monitor Remote Desktop Protocol (RDP) services 24/7.
  • Keep all your WANs (Wide Area Networks) secure with strong passwords. Also, keep your WANs away from all the Device Management Services.
  • Create a multi-layer network segmentation to protect and secure personal data.
  • Invest in new and effective monitoring tools to ensure there are no vulnerabilities.
  • Limit access to data – Only people or employees concerned with the servers should have access. Moreover, it would be beneficial to deploy digital certificates and public key infrastructures to prevent phishing and cyber-attacks. 
  • Avoid using administrative accounts on internal systems; they permit broad organizational system privileges and do not guarantee the least privilege.
  • Organizations should start using technologies like Transport Layer Security to secure their PII and PHI. Also, they should keep the private information of patients only on internal systems. Furthermore, those systems should be protected with firewalls, and there should be a backup for all the data in case it is stolen.
  • Frequently review your existing internal policies regarding the storage, access, and monitoring of the data. Also, stay up-to-date and create new policies often. 
  • Use encryption to protect stored data and make it unreadable when it is saved.

In the end, HHS, CISA, and the FBI ask organizations to be prepared for the worst-case scenario and to plan strategies to prevent and deal with a ransomware situation.
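
The sequence quoted from the alert above (account password resets for ESXi servers [T1098], followed by SSH connections to those servers) can be watched for with a simple correlation rule. The following is an added example, not code from the alert or from this site; the event format, field names, host names, addresses and the 30-minute window are all constructed assumptions, not real ESXi or vCenter log syntax.

```python
from datetime import datetime, timedelta

# Constructed, already-normalized events (NOT real ESXi/vCenter log syntax).
# Assumed fields: time, host, event type, account, source address of the request.
SAMPLE_EVENTS = [
    "2022-10-20T02:10:05 esxi-01 password_reset root 10.0.5.20",
    "2022-10-20T02:10:09 esxi-02 password_reset root 10.0.5.20",
    "2022-10-20T02:14:30 esxi-01 ssh_login root 10.0.5.20",
    "2022-10-20T02:15:02 esxi-02 ssh_login root 10.0.5.20",
    "2022-10-20T09:00:00 esxi-03 ssh_login admin 10.0.9.7",       # no prior reset
    "2022-10-21T11:00:00 esxi-04 password_reset root 10.0.9.7",
    "2022-10-21T15:30:00 esxi-04 ssh_login root 10.0.9.7",        # outside window
]

def parse(line):
    ts, host, kind, account, src = line.split()
    return {"time": datetime.fromisoformat(ts), "host": host,
            "kind": kind, "account": account, "src": src}

def find_reset_then_ssh(lines, window=timedelta(minutes=30)):
    """Alert when an SSH login follows a password reset for the same
    account on the same host within `window`."""
    last_reset = {}   # (host, account) -> time of most recent reset
    alerts = []
    for ev in sorted(map(parse, lines), key=lambda e: e["time"]):
        key = (ev["host"], ev["account"])
        if ev["kind"] == "password_reset":
            last_reset[key] = ev["time"]
        elif ev["kind"] == "ssh_login" and key in last_reset:
            delay = ev["time"] - last_reset[key]
            if delay <= window:
                alerts.append({"host": ev["host"], "account": ev["account"],
                               "src": ev["src"],
                               "delay_s": int(delay.total_seconds())})
    return alerts

def multi_host_sources(alerts, min_hosts=2):
    """Escalate SSH sources that match on several hosts, which points to
    activity across the environment rather than one admin's routine change."""
    by_src = {}
    for a in alerts:
        by_src.setdefault(a["src"], set()).add(a["host"])
    return {s: sorted(h) for s, h in by_src.items() if len(h) >= min_hosts}

if __name__ == "__main__":
    found = find_reset_then_ssh(SAMPLE_EVENTS)
    for a in found:
        print(a)
    print(multi_host_sources(found))
```

In a real deployment the two event types would come from whatever fields your log pipeline extracts for account changes and SSH sessions on the hypervisors, and the window would be tuned against normal administrative activity.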

Written by kamran · Categorized: Cyber security news, Healthcare cyber security
