Hive Ransomware

Released: Nov 22, 2022


Critical Severity

Ransomware Type


$100 million plus in payouts for Ransomware-as-a-service (RaaS) attacks

The Hive ransomware gang has received up to $100+ million in ransom payments from more than 1,300 victims, according to a joint advisory released by the FBI, the U.S. Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services.

Common Vulnerabilities and Exposures

CVE-2021-31207
CVE-2021-34473
CVE-2021-34523
CVE-2021-42321

Background

Hive ransomware was first observed in June 2021. According to the advisory, it has grown into one of the most prevalent ransomware families in the ransomware-as-a-service (RaaS) ecosystem. In the RaaS model, developers create, maintain, and update the malware, and affiliates conduct the ransomware attacks.

Hive ransomware-related attacks have targeted a wide range of industries and critical infrastructure sectors such as government, communications, and information technology, with a high focus on healthcare and public health entities.

Latest Development

Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.


November 17, 2022: CISA released a joint advisory on Hive Ransomware. https://www.cisa.gov/uscert/ncas/alerts/aa22-321a


November 21, 2022: Threat Signal posted at https://www.fortiguard.com/threat-signal-report/4889
FortiGuard Labs is continually monitoring and providing the latest antivirus protections and IPS coverage for any linked vulnerabilities targeted by Hive ransomware.

FortiGuard Cybersecurity Framework

Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.


PROTECT
  • Decoy VM

  • AV

  • Vulnerability

  • AV (Pre-filter)

  • Behavior Detection

  • IPS

  • Post-execution

DETECT
  • Threat Hunting

  • IOC

  • Outbreak Detection

  • Content Update

RESPOND
  • Automated Response

  • Assisted Response Services

RECOVER
  • InfoSec Services

IDENTIFY
  • Attack Surface Monitoring (Inside & Outside)

Threat Intelligence

Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.

