Swatting is an extreme form of prank-calling in which calls are repeatedly made to the police about a certain individual - in this case patients - regarding bomb threats or other highly concerning allegations, leaving authorities no choice but to show up at these unknowing victims' homes heavily armed.
These threat actors seem to think that putting this kind of pressure on US hospitals will force a ransom payment if it means patients will stop being targeted, such as when medical records were stolen from Fred Hutchinson Cancer Center in Seattle last November.
The threat actors in that case threatened to heighten the stakes by targeting the center's patients with the swatting technique.
Integris Health in Oklahoma experienced its own cyber-incident where threat actors potentially accessed personal data of patients.
Some of them ultimately began to receive emails from threat actors preparing to sell their personal information if demands were not met.
These extreme measures of extortion are only part of an escalation of tactics that cyber professionals have tracked over the years, though it's dependent on each institution whether these tactics actually result in a ransom payment.
This Cyber News was published on www.darkreading.com. Publication date: Mon, 08 Jan 2024 18:25:04 +0000