Russian-backed ransomware gang Clop poses a major threat to the healthcare and public health sector as it has allegedly attacked Franklin, Tenn.-based Community Health Systems, the Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center wrote in its Feb. 22 brief.
Six things to know about Clop:
- Clop is a Russia-linked ransomware group that has been active since February 2019.
- Most recently, the group claimed responsibility for a mass-hacking of 130 organizations, including Franklin, Tenn.-based Community Health Systems. The attack lasted 10 days and allegedly compromised patient health data, yet the HHS says these claims have been unconfirmed.
- Clop operates as a ransomware as a service.
- In 2021, 77 percent of the group’s attacks were attempts at hacking critical infrastructure industry.
- In June 2021, law enforcement arrested six individuals in Ukraine linked to Clop, but according to the HHS, this has not deterred them.
- HHS is recommending organizations patch the GoAnywhere software flaw that Clop has recently utilized to attack Community Health Systems, and urged healthcare organizations to stay vigilant.