everest attacks Centro Hospitalar de Setúbal
Incident Date:
March 7, 2022
Overview
Title
everest attacks Centro Hospitalar de Setúbal
Victim
Centro Hospitalar de Setúbal
Attacker
Everest
Location
First Reported
March 7, 2022
Centro Hospitalar de Setúbal Targeted by Everest Ransomware Group
About Centro Hospitalar de Setúbal
Centro Hospitalar de Setúbal is a healthcare services provider that operates in the Healthcare Services sector. The organization's website provides information on various services, including notices, urgent care, consultations, clinical services, pharmacies, and more.
Size and Vulnerabilities
The size of Centro Hospitalar de Setúbal is not explicitly mentioned in search results. However, the healthcare industry is a significant target for ransomware attacks, with organizations often targeted for their sensitive data and the potential for significant financial losses.
Everest Ransomware Group
The Everest Ransomware Group has been active since at least December 2020 and has gone through various iterations, initially focusing on data exfiltration, then becoming a ransomware operator, and now increasingly acting as an Initial Access Broker (IAB). The group targets organizations across various industries and regions, with a particular concentration in the Americas and capital goods, health, and the public sector.
Ransomware Attack and Initial Access Brokerage
Everest has been observed acting as an IAB since November 2021, with its activity increasing in recent months. The group frequently deletes its advertisements from its leak site, which can make it difficult for other security professionals to track its activity.
Motivations for Becoming an IAB
The Everest Ransomware Group's motivations for becoming an IAB are not fully understood but have been speculated to include evading law enforcement, a loss of personnel, or using IAB as a different monetization tactic.
Targeting Corporate Insiders
In addition to its ransomware and IAB activities, Everest has also been targeting corporate insiders, offering them a "good percentage" of the profits generated from successful attacks in exchange for remote access to organizations based in the US, Canada, and Europe.
The Centro Hospitalar de Setúbal has been targeted by the Everest Ransomware Group, which has been increasingly acting as an IAB. The healthcare sector remains a top target for ransomware attacks, and organizations must remain vigilant to protect against such threats.
Sources
- Centro Hospitalar de Setúbal - Notícias
- Everest Ransomware Group Increases Initial Access Broker Activity
- Everest searching for corporate insiders amid rare pivot
- Everest Ransomware: Complete Guide
- Healthcare Industry Remains a Top Victim of Ransomware Attacks
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.