everest attacks Centro Hospitalar de Setúbal

Incident Date: Mar 07, 2022

Attack Overview

VICTIM

Centro Hospitalar de Setúbal

INDUSTRY

Healthcare Services

LOCATION

Portugal

ATTACKER

Everest

FIRST REPORTED

March 7, 2022

Request Removal

Centro Hospitalar de Setúbal Targeted by Everest Ransomware Group

About Centro Hospitalar de Setúbal

Centro Hospitalar de Setúbal is a healthcare services provider that operates in the Healthcare Services sector. The organization's website provides information on various services, including notices, urgent care, consultations, clinical services, pharmacies, and more.

Size and Vulnerabilities

The size of Centro Hospitalar de Setúbal is not explicitly mentioned in search results. However, the healthcare industry is a significant target for ransomware attacks, with organizations often targeted for their sensitive data and the potential for significant financial losses.

Everest Ransomware Group

The Everest Ransomware Group has been active since at least December 2020 and has gone through various iterations, initially focusing on data exfiltration, then becoming a ransomware operator, and now increasingly acting as an Initial Access Broker (IAB). The group targets organizations across various industries and regions, with a particular concentration in the Americas and capital goods, health, and the public sector.

Ransomware Attack and Initial Access Brokerage

Everest has been observed acting as an IAB since November 2021, with its activity increasing in recent months. The group frequently deletes its advertisements from its leak site, which can make it difficult for other security professionals to track its activity.

Motivations for Becoming an IAB

The Everest Ransomware Group's motivations for becoming an IAB are not fully understood but have been speculated to include evading law enforcement, a loss of personnel, or using IAB as a different monetization tactic.

Targeting Corporate Insiders

In addition to its ransomware and IAB activities, Everest has also been targeting corporate insiders, offering them a "good percentage" of the profits generated from successful attacks in exchange for remote access to organizations based in the US, Canada, and Europe.

The Centro Hospitalar de Setúbal has been targeted by the Everest Ransomware Group, which has been increasingly acting as an IAB. The healthcare sector remains a top target for ransomware attacks, and organizations must remain vigilant to protect against such threats.

Sources

Centro Hospitalar de Setúbal - Notícias
Everest Ransomware Group Increases Initial Access Broker Activity
Everest searching for corporate insiders amid rare pivot
Everest Ransomware: Complete Guide
Healthcare Industry Remains a Top Victim of Ransomware Attacks

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.