Everest Ransomware Group Targets Pureform Radiology Center

Pureform Radiology Center, a prominent diagnostic imaging provider in Calgary and Airdrie, Alberta, has fallen victim to a ransomware attack orchestrated by the notorious Everest ransomware group. This incident highlights the increasing vulnerability of healthcare providers to cyber threats, with potential repercussions for patient data security and service delivery.

About Pureform Radiology Center

Pureform Radiology Center is a community-focused diagnostic imaging provider specializing in services such as X-rays, ultrasounds, mammography, and bone mineral densitometry. Established in 2008, Pureform was the first community provider of digital mammography in Calgary. The center operates under the brand PureKids Radiology for pediatric services, emphasizing a comforting environment for young patients. With a team of over fourteen radiologists, Pureform is known for its commitment to high-quality patient care and accessibility, with services fully covered by Alberta Health Care.

Details of the Ransomware Attack

The Everest ransomware group has claimed responsibility for the attack on Pureform Radiology Center, as announced on their dark web leak site. The attack has reportedly compromised the center's operational capabilities, potentially affecting patient data and service delivery. Everest is known for its sophisticated encryption methods, which likely rendered critical systems inaccessible until a ransom is paid. This attack underscores the growing threat of ransomware to healthcare providers, which can have severe implications for patient care and data security.

Profile of the Everest Ransomware Group

Active since December 2020, the Everest ransomware group is notorious for its involvement in ransomware attacks, data exfiltration, and initial access brokering. The group targets organizations across various industries, with a particular focus on the healthcare sector. Everest employs a combination of compromised user accounts and Remote Desktop Protocol for lateral movement, using AES and DES algorithms to encrypt files. The group has been linked to other ransomware entities, such as BlackByte, and is known for its high ransom demands.

Potential Vulnerabilities and Penetration Tactics

Healthcare providers like Pureform Radiology Center are increasingly targeted by ransomware groups due to the critical nature of their services and the sensitive data they handle. The Everest group may have penetrated Pureform's systems through compromised user accounts or vulnerabilities in remote access protocols. The attack highlights the need for comprehensive cybersecurity measures in the healthcare sector to protect against such sophisticated threats.

Sources

• Pureform Radiology - About Us
• Everest Ransomware Group Increases Initial Access Broker Activity
• Everest Ransomware
• Ransomed.vc Ransomware Group Spotted in the Wild
• Climbing Mount Everest: BlackByte Bytes Back