A recent attack on a U.S.-based medical facility in October 2023 highlights the potential threat of the ransomware gang, 8Base, to the Healthcare and Public Health sector, warns the Health Sector Cybersecurity Coordination Center.
Active since March 2022, 8Base became highly active in the summer of 2023, focusing their indiscriminate targeting on multiple sectors primarily across the United States. This surge in operational activity included the group’s engagement in double extortion tactics as an affiliate of Ransomware-as-a-Service (RaaS) groups against mostly small- to medium-sized companies. While similarities exist between 8Base and other ransomware gangs, the group’s identity, methods, and motivations remain largely unknown. What follows is an overview of the group, possible connections to other threat actors, an analysis of their ransomware attacks, their target industries and victim countries, impacts to the HPH sector, MITRE ATT&CK techniques, indicators of compromise, and recommended defenses and mitigations against the group. Read more.
