« Information Technology
  

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

By Jeff Wardon, Jr., Assistant Editor


Charges have been unsealed by the U.S. Justice Department against Evgenii Ptitsyn, a 42-year-old Russian national accused of using and distributing the Phobos ransomware, according to a press release. The ransomware has been used globally to target over 1,000 organizations, including healthcare, and has extorted more than $16 million. 

Prosecutors allege that from 2020 onward, Ptitsyn and cohorts sold Phobos ransomware via a site on the dark web, allowing affiliates to encrypt victims’ data and demand payment for decryption keys, according to the Justice Department. They also threatened to leak sensitive data if ransom payments weren’t made. Ptitsyn also allegedly oversaw payments through cryptocurrency wallets linked to these operations. He is being extradited from South Korea and faces 13 charges, including wire fraud, computer hacking and extortion. 

Related: Healthcare Facilities Alerted of 'Scattered Spider' Cyber Threat

A variant of the Phobos ransomware called “Backmydata” was used in a February 2024 cyberattack that took 100 Romanian healthcare facilities offline, according to The HIPAA Journal. Additionally, the group behind Phobos is known to utilize double extortion tactics, in which cybercriminals take systems offline and hold the data for ransom while also stealing data and threatening to leak it out. This can put pressure on healthcare organizations to pay out. 

Paying the ransom doesn’t guarantee the affected organizations will get their data back, though, according to the FBI. It also emboldens cybercriminals to continue their operations by targeting more potential victims. 

In addition, the FBI recommends these actions to stay safe from ransomware: 

  • Update operating systems, software and applications routinely. 
  • Ensure that antivirus and antimalware programs are set up to automatically update and run routine scans. 
  • Back up data regularly, and check to make sure they’re completed. 
  • Secure backups, and make sure they’re not connected to the devices or networks they’re backing up 
  • Create a response plan in case the organization becomes the victim of a ransomware attack. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



November 21, 2024


Topic Area: Information Technology , Security

Recent Posts

Cleanliness Is a Measurable Outcome

By restoring the distinction between cleaning and cleanliness, managers and staffs can better protect patients from environmental pathogens.

Workplace Safety and the Role of Access Control

Workplace violence and other issues threaten patients, staff and operations, so managers need to rethink security measures and technology.

Henry Ford Hospital Celebrates Construction Milestone for Expansion Project

Crews from BTD, a joint venture created by Barton Malow, Turner Construction and Dixon Construction, are on track to complete the hospital in 2029.

How EVS Leaders Can Support Staff for Better Cleaning

Environmental services is one of the most important departments in healthcare facilities, but it can be a difficult one to manage.

Addressing Infection Prevention Staffing Gaps in Ambulatory and Procedural Care

Traditional models that are based on inpatient bed counts fail to account for the unique demands of ambulatory and procedural settings.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.