CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Credit Union Magazine
    • Buyers' Guide
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » Agencies issue cybersecurity advisory on latest Hive ransomware variants
Policy & Issues

Agencies issue cybersecurity advisory on latest Hive ransomware variants

November 20, 2022
BSA, cybersecurity top NCUA’s exam agenda

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of the Health and Human Services (HHS) released a joint Cybersecurity Advisory (CSA) with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022. 

From June 2021 through at least November 2022, threat actors have used Hive ransomware, which follows the Ransomware-as-a-Service (RaaS) model, to target a wide range of businesses and critical infrastructure sectors, including government facilities, communications, manufacturing, information technology, and especially organizations in the Healthcare and Public Health (HPH) sector. 

The method of initial intrusion depends upon the Hive RaaS affiliate that targets the network, which include using compromised credentials in Remote Desktop Protocol (RDP), virtual private networks (VPNs), and other remote network connection protocols in which multifactor authentication (MFA) is not enabled.   

Actions that organizations can take today to mitigate cyber threat to ransomware include:

  • Prioritize remediating known exploited vulnerabilities.
  • Enable and enforce multi-factor authentication with strong passwords
  • Close unused ports and remove any application not deemed necessary for day-to-day operations.  

CISA, FBI and HHS urge all organizations, particularly those in the HPH sector, to apply the recommended mitigations in this CSA to reduce the likelihood of compromise from Hive and other ransomware operations. Victims of ransomware should report the incident to their local FBI field office or CISA. 

Credit Union Magazine: Rock Stars 2023

Rock Stars 2023

Credit Union Rock Stars are outstanding credit union professionals and directors from a wide range of disciplines who inspire and innovate to advance the missions of their credit unions. The 25 members of the 11th class of Rock Stars were selected for their exceptional creativity, innovation, and passion.
Digital Edition •  Subscribe

Trending

  • Senate Banking Committee passes cannabis banking bill

  • CUNA, NAFCU provide updates on merger website

  • FinCEN issues Small Entity Compliance Guide for BOI reporting rule

Polls

Do you plan to use the FedNow instant payment service?

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us