Vice Society’s 2021 health care targets were Barlow Respiratory Hospital, California, Eskenazi Health, Indiana, Centre Hospitalier D’Arles, France, United Health Centers, California, and a Brazilian dental firm. In addition to threatening New Zealand’s Waikato District Health Board, the group attacked the country’s health system. The airline was unable to obtain evidence of crew members’ negative Covid-19 test results because of the downtime of the digital systems of the California Health Department.
Vice Society in 2021 also attacked schools and universities. It seems that this sector has been more favoured by the United States and other nations as they devote more resources to ransomware enforcement. Famous Russian-speaking criminals were arrested for brazen offences after high-profile attacks in 2021 like the Colonial Pipeline ransomware case.
Vice Society could view education in a more quiet and underfunded area where it is possible to fly below the radar. For example, the group hit the Austrian Medical University of Innsbruck in June and Linn-Mar Community School District in Iowa at the beginning of August—neither of which many people would flag as major, obvious targets. Last week, the Bluets Maternity Hospital in Paris charged the group with a ransomware operation against its systems. Vice Society is yet to take credit for this hack.
“They’re a perfect example of the success of mediocrity in the ransomware ecosystem,” says Claire Tills, a researcher for the security firm Tenable who has studied Vice Society’s tactics and organization. “You have the top-tier groups developing their own zero days and acting all polished and professional. Vice Society continues to chugging by, and not innovating nor stealing other people’s tools. However, they are able to launch attacks, make money, and keep going.
Because Los Angeles Unified Schools District is a significant target, researchers consider the attack by this group to be important. It made more headlines than any of Vice Society’s hacks. Tills suggests that the attackers may have not been aware of the significance of Los Angeles Unified School District. Or, they may have picked the district as a test to determine if the organization is ready to take on more victims. Despite this, the failure to pay was shocking. scrutiny That may have been a sign that the group was being warned against any visible attack.
“They’re focusing on not necessarily big targets. Not everyone is aware of how bad and how devastating these attacks are, because they are so regional and they don’t necessarily break into the mainstream,” Recorded Future’s Liska says. “You may not want to be Conti and take down a whole country’s health care system, because if you do, you’re going to draw the ire of these countries.”
Tenable’s Tills says Vice Society can focus on schools less well-known. If law enforcement and defense don’t prioritize mid-tier ransomware group, Vice Society could be able keep its low profile and carry its streak.
“Vice Society has taken the approach of knowing that the education sector isn’t doing great emotionally or financially,” Tills says. Schools are feeling so pressured after having been closed for nearly two years. The ransomware operators know that stressed individuals are more inclined to take poor decisions. Although the group is now financially viable, they are still considered to be somewhat dead. So they’re not getting raided or arrested that we’ve seen so far. They’re a really good example of what we as an industry are not paying enough attention to.”