Extortionists are now threatening to swat hospital patients - calling in bomb threats or other bogus reports to the police so heavily armed cops show up at victims' homes - if the medical centers don't pay the crooks' ransom demands.
After intruders broke into Seattle's Fred Hutchinson Cancer Center's IT network in November and stole medical records - everything from Social Security numbers to diagnoses and lab results - miscreants threatened to turn on the patients themselves directly.
The idea being, it seems, that those patients and the media coverage from any swatting will put pressure on the US hospital to pay up and end the extortion.
Other crews do similar when attacking IT service provider: they don't just extort the suppliers, they also threaten or further extort customers of those providers.
Which operates more than 10 clinics in Washington's Puget Sound region, declined to answer additional comments about the threats.
Some of these patients reported receiving emails from miscreants threatening to sell their information on the dark web.
These kind of boilerplate responses may not be as reassuring as some corporate types think.
This latest swatting threat raises worrying questions as to how far criminals are willing to go in their pursuit of loot.
Earlier this week, the security shop called for a complete ban on ransom payments, noting that extortion tactics were becoming more extreme and now include swatting threats.
Sam Rubin, VP of Unit 42 Consulting at Palo Alto Networks, told The Register his team hadn't seen any swatting attempts by extortion crews in 2023, though the shift in tactics seems likely.
Over the past year, Unit 42 has seen cybercriminals send threatening texts to the spouse of a CEO whose organization was being extorted, Rubin added, again piling on the pressure for payment.
The consulting and incident response unit has also witnessed miscreants sending flowers to a victim company's executive team, and issuing ransom demands via printers connected to the affected firm's network.
Ransomware attacks against critical infrastructure including hospitals become more frequent.
Emsisoft reported 46 infections against US hospitals networks last year alone, up from 25 in 2022.
In total, at least 141 hospitals were infected, and at least 32 of the 46 networks had data - including protected health information - stolen.
It's bad enough that these attacks have diverted ambulances and postponed critical care for patients, and now the criminals are inflicting even more pain on people.
Last year this included leaking breast cancer patients' nudes.
Swatting seems to be the next, albeit abhorrent, step.
This Cyber News was published on go.theregister.com. Publication date: Fri, 05 Jan 2024 22:13:05 +0000