| The US Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) released this Analyst Note to provide awareness of 8Base ransomware. |
| A recent attack on a US-based medical facility in October highlights the potential threat of the ransomware gang, 8Base, to the Healthcare and Public Health (HPH) sector. Active since March 2022, 8Base became highly active in the summer of 2023, focusing their indiscriminate targeting on multiple sectors primarily across the United States. This surge in operational activity included the group’s engagement in double extortion tactics as an affiliate of Ransomware-as-a-Service (RaaS) groups against mostly small to medium-sized companies. While similarities exist between 8Base and other ransomware gangs, the group’s identity, methods, and motivations remain largely unknown. |
| This HC3 Analyst Note provides an overview of the group, possible connections to other threat actors, an analysis of their ransomware attacks, their target industries and victim countries, impacts to the HPH sector, MITRE ATT&CK techniques, indicators of compromise, recommended defenses and mitigations, and is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cyber criminals. |