October 7, 2022
BianLian ransomware operators have added yet another name to their growing list of victims, this time freezing the systems of Alegria Family Services (AFS), a care center serving disabled individuals in the southwestern US state of New Mexico.AFS offers residential services to people with developmental disabilities in the state of New Mexico, aiming “to provide…

BianLian ransomware operators have added yet another name to their growing list of victims, this time freezing the systems of Alegria Family Services (AFS), a care center serving disabled individuals in the southwestern US state of New Mexico.

AFS offers residential services to people with developmental disabilities in the state of New Mexico, aiming “to provide a home-like living situation promoting independence, self-determination, productivity, life enjoyment, and integration into the community.” AFS also offers adult habilitation, community access and independent living services.

A crippling attack

BianLian hackers, a group of ransomware operators, decided to breach the center’s IT security and steal internal records, personnel-related files and client data, according to Databreaches.net, which covers and sometimes investigates data breaches.

AFS claims it is not clear how the threat actors gained a foothold in their infrastructure, but they do know that BianLian hackers managed to evade its AV protections “by breaking files into small units.”

The center also found that BianLian encrypted not just live data but also cloud backups.

No money to pay the ransom

While there’s no mention of how much money the hackers are trying to extort from AFS, the center tells Databreaches.net it knows it can’t pay the ransom demands.

AFS was actually in the middle of creating backups when the ransomware was triggered. Fortunately the care center has a usable Windows backup created three days before the attack, but all archived files and records going back six years are now encrypted and locked.

As it struggles with the situation, the center is calling every single client to explain what happened.

Zero ethics

Ransomware attacks signed BianLian have reportedly picked up in the past year, hitting Professional Services, Manufacturing, Healthcare, Energy & Utilities, Education, and other industries.

BianLian is known to use a custom toolkit and proprietary malware written in the “Go” programming language, which has grown popular among threat actors due to its cross-platform capabilities.

While some hacking groups have the decency to avoid hitting the healthcare sector, most have no such qualms.

In October 2020, hackers breached a psychotherapy practice in Finland and shamelessly held sensitive patient information to ransom.

In January 2021, on a Sunday evening, a cyerbattack on a hospital in Belgium prompted it to redirect emergency patients to other facilities and delay surgeries.

Source