Florida Health Dept Suffers RansomHub Cyberattack
Ransomware Attack on Florida Department of Health by RansomHub
Overview of the Florida Department of Health
The Florida Department of Health (DOH) is a significant entity within the state government, tasked with the responsibility of protecting, promoting, and improving the health of all Floridians. Established by the Florida Legislature in 1996, the DOH operates through a network that includes a state health office, 67 county health departments, and various regional offices and public health laboratories. The agency is headquartered in Tallahassee and is led by the State Surgeon General. The DOH stands out in its comprehensive approach to public health, which includes disease prevention, environmental health, family health programs, and emergency preparedness.
Details of the Ransomware Attack
The Florida Department of Health fell victim to a ransomware attack orchestrated by the group known as RansomHub. The attackers claimed to have seized 100 gigabytes of sensitive data, threatening to release it unless a ransom was paid by a specified deadline. Following the state's policy against paying ransoms, the deadline elapsed without payment, leading to the publication of the stolen data. This breach notably disrupted the department's Vital Statistics system, impacting the issuance of essential documents like birth and death certificates. Recovery efforts are ongoing, with some functionalities restored as the department collaborates with law enforcement and other stakeholders.
Profile of RansomHub
RansomHub is a relatively new player in the cyber threat landscape, emerging as a notable ransomware group with suspected roots in Russia. Operating under a Ransomware-as-a-Service (RaaS) model, RansomHub allows affiliates to retain 90% of ransom payments, with the remainder going to the core group. The group's ransomware is developed using Golang, aligning with a growing trend among cybercriminals. RansomHub has targeted a variety of entities across different sectors and countries, demonstrating a broad and unpredictable attack pattern.
Potential Vulnerabilities and Entry Points
The Florida Department of Health, like many large government entities, manages vast amounts of sensitive data, making it an attractive target for ransomware attacks. The specific entry point used by RansomHub in this incident has not been disclosed; common vectors for ransomware intrusions include phishing, exploitation of unpatched systems, and compromised credentials. The complexity and scale of the DOH's IT infrastructure might also make it difficult to secure all endpoints effectively.