DOJ announces disruption of BlackSuit ransomware group

The Department of Justice Aug. 11 announced a series of actions taken against the BlackSuit ransomware group, also known as "Royal," including the disruption of four servers and nine domains July 24. BlackSuit attacks have targeted health care and other critical infrastructure sectors, DOJ said. "There is no doubt that the private sector also contributed information to facilitate this disruption, once again highlighting the value of public private operational engagement," said John Riggi, AHA national advisor for cybersecurity and risk. "The BlackSuit/Royal ransomware group is directly responsible for multiple disruptive attacks against hospitals and health systems, posing a direct risk to patient and community safety. We hope these aggressive law enforcement operations continue at a pace that will meaningfully degrade foreign cyber adversaries' abilities to harm the American public." For more information on this or other cyber and risk issues, contact Riggi at [email protected]. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.