Siemens Healthineers, a prominent healthcare technology giant, is currently investigating a potential ransomware incident at one of its subsidiaries following claims made by the LockBit ransomware group.
Although LockBit added data from Varian, a subsidiary specializing in radiation oncology treatments and software, to its leak site, Siemens Healthineers has not officially confirmed any data theft. While acknowledging the LockBit claims, a Siemens Healthineers spokesperson emphasized the corporation’s robust cybersecurity measures in place to manage risks.
The incident has prompted Siemens Healthineers to activate its incident response protocol, deploying an internal and external taskforce of experts to investigate the matter.
In a series of recent incidents involving healthcare organizations in the U.S., the LockBit gang added United Medical Centers to its leak site, further raising concerns about cybersecurity vulnerabilities within the healthcare sector. Recent revelations about the LockBit group’s activities have sparked debates among cybersecurity experts regarding the group’s operational strength.
According to Jon DiMaggio, chief security strategist at Analyst1, who infiltrated the group using fake personas, the LockBit gang’s leadership temporarily vanished, and the group struggled to publish stolen data due to issues with backend infrastructure and bandwidth constraints. This has led to affiliates leaving the LockBit program for more reliable alternatives, as their operational efficiency is hampered.
The LockBit gang’s activities have attracted attention from law enforcement agencies worldwide. A 20-year-old Russian national, Ruslan Astamirov, was arrested by the FBI for allegedly targeting victims globally with the notorious LockBit ransomware.
The arrest followed the detainment of another LockBit affiliate, Mikhail Vasiliev, in Canada. Despite its challenges, the LockBit group has conducted over 1,400 attacks worldwide, issuing ransom demands exceeding $100 million and securing substantial ransom payments, as reported by the U.S. Department of Justice.
The evolving situation has prompted concerns about the resilience of the LockBit gang and the broader cybersecurity landscape, especially within critical sectors such as healthcare.