CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » Agencies issue cybersecurity advisory on latest Hive ransomware variants
Policy & Issues

Agencies issue cybersecurity advisory on latest Hive ransomware variants

November 20, 2022
BSA, cybersecurity top NCUA’s exam agenda

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of the Health and Human Services (HHS) released a joint Cybersecurity Advisory (CSA) with technical details associated with Hive ransomware variants identified through FBI investigations as recently as November 2022. 

From June 2021 through at least November 2022, threat actors have used Hive ransomware, which follows the Ransomware-as-a-Service (RaaS) model, to target a wide range of businesses and critical infrastructure sectors, including government facilities, communications, manufacturing, information technology, and especially organizations in the Healthcare and Public Health (HPH) sector. 

The method of initial intrusion depends upon the Hive RaaS affiliate that targets the network, which include using compromised credentials in Remote Desktop Protocol (RDP), virtual private networks (VPNs), and other remote network connection protocols in which multifactor authentication (MFA) is not enabled.   

Actions that organizations can take today to mitigate cyber threat to ransomware include:

  • Prioritize remediating known exploited vulnerabilities.
  • Enable and enforce multi-factor authentication with strong passwords
  • Close unused ports and remove any application not deemed necessary for day-to-day operations.  

CISA, FBI and HHS urge all organizations, particularly those in the HPH sector, to apply the recommended mitigations in this CSA to reduce the likelihood of compromise from Hive and other ransomware operations. Victims of ransomware should report the incident to their local FBI field office or CISA. 

Credit Union Magazine: Spring 2023

Spring 2023

Credit Union Magazine’s Spring 2023 issue features the 2023 Credit Union Heroes and examines CUNA-League advocacy priorities, board leadership, the impact of financial well-being efforts, fee-related compliance issues, predictions for the year ahead, and more.
Digital Edition •  Subscribe

Trending

  • CUNA Mascot Madness: Voting opens for East Region

  • CUNA launches page with bank collapse response resources

  • League leaders highlight credit union difference, safety, soundness

Tweets by CUNA_News

Polls

CUNA Mascot Madness: Which Midwest Region mascot is your favorite?

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us