« Information Technology
  

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

By Jeff Wardon, Jr., Assistant Editor


Charges have been unsealed by the U.S. Justice Department against Evgenii Ptitsyn, a 42-year-old Russian national accused of using and distributing the Phobos ransomware, according to a press release. The ransomware has been used globally to target over 1,000 organizations, including healthcare, and has extorted more than $16 million. 

Prosecutors allege that from 2020 onward, Ptitsyn and cohorts sold Phobos ransomware via a site on the dark web, allowing affiliates to encrypt victims’ data and demand payment for decryption keys, according to the Justice Department. They also threatened to leak sensitive data if ransom payments weren’t made. Ptitsyn also allegedly oversaw payments through cryptocurrency wallets linked to these operations. He is being extradited from South Korea and faces 13 charges, including wire fraud, computer hacking and extortion. 

Related: Healthcare Facilities Alerted of 'Scattered Spider' Cyber Threat

A variant of the Phobos ransomware called “Backmydata” was used in a February 2024 cyberattack that took 100 Romanian healthcare facilities offline, according to The HIPAA Journal. Additionally, the group behind Phobos is known to utilize double extortion tactics, in which cybercriminals take systems offline and hold the data for ransom while also stealing data and threatening to leak it out. This can put pressure on healthcare organizations to pay out. 

Paying the ransom doesn’t guarantee the affected organizations will get their data back, though, according to the FBI. It also emboldens cybercriminals to continue their operations by targeting more potential victims. 

In addition, the FBI recommends these actions to stay safe from ransomware: 

  • Update operating systems, software and applications routinely. 
  • Ensure that antivirus and antimalware programs are set up to automatically update and run routine scans. 
  • Back up data regularly, and check to make sure they’re completed. 
  • Secure backups, and make sure they’re not connected to the devices or networks they’re backing up 
  • Create a response plan in case the organization becomes the victim of a ransomware attack. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



November 21, 2024


Topic Area: Information Technology , Security

Recent Posts

3 Employees Injured by Patient at Halifax Infirmary's Emergency Department

Police contained the threat and took the patient into custody.

How Architects Shape the Future of Healthcare Facilities

Healthcare architecture is more than just designing and building hospitals.

UNC Health, Duke Health Form Partnership for Stand-alone Children's Hospital

The partners plan to break ground together on the new NC Children’s campus by 2027.

Sarasota Memorial Hospital Plans to Build New Facility in North Port

The six-story, 100-bed hospital is slated to open in fall of 2028.

CMMS, Data and the Path to Compliance

Taking control of healthcare facilities data in CMMS enables managers to use it to ensure the efficient operation and maintenance of their assets.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.