alphv attacks AMS GROUP
Incident Date:
June 1, 2022
Overview
Title
alphv attacks AMS GROUP
Victim
AMS GROUP
Attacker
Alphv
Location
First Reported
June 1, 2022
AMS Group Targeted by Ransomware Group Alphv
Company Profile
AMS Group is a German company with a strong focus on security and service. They have a team of over 100 security and service employees, which allows them to handle larger tasks for their clients. Their team members are trained according to the German Security Industry Act (§34a) and have successfully completed a Sachkundeprüfung (a German vocational qualification in the field of security). The company prides itself on its discretion and professionalism, with employees who identify with the company's philosophy and work diligently and professionally.
Vulnerabilities
While AMS Group has a strong focus on security, they have not publicly disclosed any specific measures they have taken to protect against ransomware attacks. The company's website does not provide information on their cybersecurity practices or any certifications they may hold. This lack of transparency could make it difficult for potential clients to assess the company's security posture and vulnerabilities.
Alphv's Targeting of Healthcare Entities
Alphv, also known as BlackCat, has been linked to numerous cyberattacks against healthcare entities in the United States. The group has claimed responsibility for attacks on Change Healthcare, a subsidiary of UnitedHealth Group, and has targeted other healthcare organizations. Alphv is known for its role in the breaches of Las Vegas casinos and has been involved in attacks on at least eight healthcare organizations since December 2023. The group has been particularly active in the healthcare sector, making it the most targeted sector by Alphv.
The ransomware attack on AMS Group by Alphv highlights the need for companies, especially those in the manufacturing sector, to be vigilant against cyber threats. While AMS Group has a strong focus on security, they have not publicly disclosed any specific measures they have taken to protect against ransomware attacks. This lack of transparency could make it difficult for potential clients to assess the company's security posture and vulnerabilities. As Alphv has shown a preference for targeting healthcare entities, it is crucial for companies in this sector to be aware of the risks and take appropriate measures to protect themselves.
Sources
- AMS Group Website: https://amsgroup.de
- CyberScoop: Notorious ransomware group claims responsibility for attacks roiling US healthcare entities: https://cyberscoop.com/ransomware-alphv-healthcare-pharmacies/
- KrebsOnSecurity: BlackCat Ransomware Group Implodes After Apparent $22M Ransom Payment by Change Healthcare: https://krebsonsecurity.com/2024/03/blackcat-ransomware-group-implodes-after-apparent-22m-ransom-payment-by-change-healthcare/
- Justice.gov: U.S. and U.K. Disrupt LockBit Ransomware Variant: https://www.justice.gov/opa/pr/us-and-uk-disrupt-lockbit-ransomware-variant
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.