Ransomware Threatens Production of 300 Ventilators Per Day

Published at: Aug. 7, 2020

The FDA-approved Coronavirus ventilator manufacturer Boyce Technologies has been targeted by ransomware launched by the DoppelPaymer gang, who are  threatening to leak data from the company.

Cointelegraph has viewed the DoppelPaymer blog, where the gang lists example files of the data stolen during the attack, including sales and purchase orders, assignment forms, among others.

The cybercriminals have threatened that more information will be disclosed next week through the site if an undisclosed crypto ransom is not paid by the firm.

Boyce Technologies is well-known for its work in designing and manufacturing FDA-approved low-cost ventilators in just 30 days during the first months of the COVID-19 pandemic, amid the big demand for the machines across New York hospitals.

Prior to the attack the company was making 300 units a day with the help of the robots built by the company.

Healthcare sector under threat despite COVID-19 pandemic

Speaking with Cointelegraph, Brett Callow, threat analyst and ransomware expert at malware lab, Emsisoft, warns that such attacks on hospitals, medical testing labs, and medical device manufacturers may not only cost money, “they may cost lives as well.” He adds:

“Unfortunately, ransomware will continue to be a problem for as long as ransoms continue to be paid, and this is something organizations should keep this in mind. If they choose to pay, they’re helping to ensure that other organizations will be hit in future, and those organizations may be ones that provide critically important services.”

As of press time, Boyce Technologies has not issued an official statement addressing the ransomware attack, nor additional information on what extent the attack has impacted their operations.

Microsoft's security team revealed more details in May about DoppelPaymer as a ransomware deployed in human-operated attacks. It uses "brute force" against a target company's systems management server, and mainly has targeted the healthcare sector amid the COVID-19 crisis.

Tags
Related Posts
US Secret Service Creates Finance-Related Cybercrime Task Force
The U.S. Secret Service announced the creation of the Cyber Fraud Task Force, or CFTF on July 10, after merged its Electronic Crimes Task Forces and Financial Crimes Task Forces into a single network. According to the official announcement, the Secret Service had been planning over two years to create a unified task force to combat cybercrimes related to the financial sector and fight things like ransomware attacks, business email compromise scams, credit card online stealing, among others. The CFTF appears in a context that the illegal market of credit card stolen data through the dark web and banking details …
Blockchain / July 12, 2020
Major Chilean bank shuts down all branches following ransomware attack
Banco Estado, the only public bank in Chile and one of the three largest in the country, had to shut down its nationwide operations on Monday due to a cyberattack that turned out to be a ransomware launched by REvil. According to a public statement, the branches will remain closed for at least one day, but clarified that customers’ funds have not been affected by the incident. Citing sources close to the investigation, ZDNet reported that the REvil ransomware gang is behind the attack. It reportedly originated from an Office document infected with the malware that an employee received and …
Technology / Sept. 8, 2020
Bitcoin Ransomware and Remote Working: What the Future Holds
The new work-from-home culture is gaining more traction than ever before as businesses, government departments and schools try to remain afloat while flattening the pandemic curve. This migration to remote working is a double-edged sword that creates a fertile land for cybercriminals to thrive on. There is no way that cyberattacks can be eliminated completely. The best that companies can do is minimize the frequency of the threats. What is ransomware? Cybercriminals use malicious software code to block people or organizations from accessing their computer systems until a ransom has been paid. Cryptocurrencies such as Bitcoin (BTC) have made it …
Technology / Aug. 21, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020