"Daixin Ransomware Poses Critical Threat to Healthcare, Says AHA Cyber Chief"

John Riggi, Senior Advisor for Cybersecurity and Risk at the American Hospital Association (AHA), emphasizes that Daixin, a highly advanced and stealthy malware, poses the greatest threat to healthcare. Multi-factor authentication (MFA) should be the top priority for safeguarding all remote access points into the organization, as ransomware and other cyberattacks continue to plague the healthcare industry and cyber insurance becomes less of a certainty, according to Riggi. Daixin attackers often target Virtual Private Network (VPN) servers and then move laterally across the network via Secure Shell and Remote Desktop Protocol, thus making MFA essential. According to the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the Daixin group has used privileged accounts to obtain access to the VMware vCenter Server utility and reset account passwords for ESXi servers in the environment. In the healthcare industry, Daixin has claimed several victims, including OakBend Medical Center, in September 2022. The alleged theft of patient health information from the hospital's servers caused weeks of network disruption. Additionally, on the Daixin dark website, proofs of the stolen information were leaked. This article continues to discuss the history of the Daixin ransomware group and the threat it poses to the healthcare sector. 

SC Media reports "Daixin Ransomware Poses Critical Threat to Healthcare, Says AHA Cyber Chief"