Ransomware Attack on Center for Digestive Health by BianLian
Incident Date: May 18, 2024
Overview
Victim: Center for Digestive Health
Attacker: BianLian
Location:
First Reported: May 18, 2024
The Center for Digestive Health: An Overview
The Center for Digestive Health, a reputable healthcare organization based in Orlando, Florida, specializing in digestive system disorders, recently faced a severe setback in the form of a ransomware attack orchestrated by the notorious group, BianLian. With a rich history spanning over 40 years, the center has established itself as a leader in the field, offering top-notch care through a team of seasoned gastroenterologists and a comprehensive range of clinical services, including anesthesiology, pathology laboratory, and endoscopy.
Targeted by Cybercriminals
As a company with a workforce of 92 employees and an estimated annual revenue of $6.3 million, the Center for Digestive Health operates within the medical offices sector, serving the Orlando community and beyond. Despite its robust presence and dedication to quality healthcare, the organization became a prime target for cybercriminals, falling victim to BianLian's sophisticated attack tactics.
Data Breach and Extortion
The ramifications of this cyberattack were severe: BianLian managed to breach the organization's website and pilfer a staggering 2.2 terabytes of sensitive data. The compromised information included critical medical records, financial data, contract details, operational documents, and email archives, posing a significant threat to the privacy and security of both patients and the organization itself.
BianLian's Modus Operandi
BianLian, known for its advanced techniques and global targeting of businesses, governmental bodies, and healthcare facilities, operates with a primary goal of extorting hefty ransoms from its victims. Employing tactics such as exfiltration-based extortion, the group instills fear by threatening severe financial and legal repercussions if their demands are not met promptly.
Attack Analysis and Cybersecurity Imperatives
The attack's modus operandi suggests that BianLian likely gained unauthorized access to the Center for Digestive Health's systems through compromised Remote Desktop Protocol (RDP) credentials. Subsequently, the group deployed custom backdoors, leveraged PowerShell and Windows Command Shell for evasion purposes, and utilized various tools to execute data exfiltration and maximize impact.
As the organization grapples with the aftermath, this devastating cyber incident underscores the pressing need for heightened cybersecurity measures within the healthcare industry. This report draws on information from the Center for Digestive Health's website and insights from cybersecurity experts at Quorum Cyber, and the incident serves as a stark reminder of the ever-evolving threats facing organizations worldwide.