Blog

Hive has become one of the top cyber security threats, requiring vulnerable organizations and MSSPs to search for security solutions that are safe, friendly and cost effective. BUFFERZONE provides such a solution  

Hive ransomware attacks are quickly becoming a popular tool used by cyber criminals to disrupt computer networks of healthcare institutions, retailers and other organizations that need to protect their data.

A severe case occurred last month when reportedly the network of Partnership HealthPlan of California, a non-profit health care organization, was down after an alleged Hive ransomware attack.

In a dark web post, the ransomware group claimed to have accessed Partnership HealthPlan’s system and stolen 400GB files. The post claims the files contain hundreds of thousands of medical records including names, social security numbers, dates of birth, addresses and contact details.

This was followed days later by a similar attack on Indonesian gas giant Perusahaan Gas Negara (PGN). 

Among Hive’s highest-profile victims are Europe’s largest consumer electronics retailer Media Markt. In November 2021, from whom attackers demanded $50 million, and Memorial Health System in Ohio last August, the attack on which disrupted clinical and financial operations.

Analysts at cybersecurity company Group-IB, investigating the Hive ransomware-as-a-service (RaaS) operation, reported that this group is “one of the most aggressive ones,” its affiliates hitting at least 355 companies in less than six months.

Ransomware as a service (RaaS) is a business model, based on the software as a service (SaaS) model, that involves selling or renting ransomware to buyers, called affiliates.

Hive cyber gangs primary focus is faster payment, and they achieve this by increasing pressure on their victims by stealing their data before encrypting it.

Hive can gain access to the victim’s data by sending out phishing emails with malicious attachments and by hijacking the Remote Desktop Protocol (RDP).

The Hive threat should be taken seriously as it is evident that it has caused immense damage and is spreading fast.

BUFFERZONE to the rescue

Several ways have been suggested for dealing with the Hive danger, with most proposed solutions focusing on detection and response.

BUFFERZONE offers a different approach, based on prevention. The Safe Workspace solution is ideal for managed security service providers (MSSP) that are looking for a simple, yet effective security solution to offer their customers, that doesn’t require much support. 

BUFFERZONE keeps access to all external, untrusted content such as unknown internet sites, external email messages and removable media in a virtual container, along with anything saved or downloaded.

Contained browsing sessions and applications cannot reach the native endpoint or organizational resources. Those are accessed only by uncontained browsing sessions and applications, which can’t have accessed untrusted sites.

By using BUFFERZONE Safe Mail and Safe Browsing, Both Outlook and browsers (Chrome, Edge, and Firefox) run in a contained environment, virtually isolated from operating system files. This contains the attack and prevents it from accessing the user’s PC, eliminating the risk of exposure to known, unknown, and evolving malicious activities such as Hive ransomware.