This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

  Everyone, I'm Drex, and this is the 2 Minute Drill, where I do three quick stories twice a week, all part of one great community, the 229 Cyber and Risk Community, here at This Week Health. Today's drill is brought to you by Fortified Health Security. No matter where you're at in your security journey, Fortified can help you improve your security posture through their 24 7 threat defense services.

or advisory solutions delivered through Central Command, a first of its kind platform that simplifies cybersecurity management and provides the visibility you need to mature your program. Learn more at fortifiedhealthsecurity. com. Thanks for joining me today. Here's some stuff you might want to know about.

The FBI and CISA have issued a warning that the ransomware group formerly known as Royal Ransomware, a cyber gang that's pulled down half a billion dollars through their online criminal activity, is rebranded. They're now known as BlackSuit. The FBI CISA updates includes a list of tactics, techniques, and procedures.

The folks in the business called TTPs, BlackSuit uses. They have a history of attacking critical infrastructure organizations, including healthcare. So you should review those updates and take steps as appropriate to protect yourselves. While this story isn't specifically about healthcare, it's definitely worth knowing about.

Iran has denied the allegations. Communications. Communications. And I don't think you have to be a genius to predict the future here. I expect cyber attacks on political campaigns at all levels will only ramp up between now and election day. And chalk one up for the good guys. Wired has a story on a guy named Grant Smith, who put one over on cyber thugs who run those smishing networks.

You know, those folks who send the fake text messages saying that the post office tried to deliver a package, but they couldn't find you. And so the, you need to click this link. And enter a bunch of information so the post office can deliver that really important package, except the link is fake and it asks for a bunch of other stuff too, like your credit card number.

And what have I and your CISOs for years told you about getting messages from someone you don't know? Don't click on the links. Don't click on the links. Anyway, back to Grant Smith, turns out his wife clicked on one of those fake messages and entered her credit card number, and then realized she'd made a mistake, and she told her husband.

Unfortunately for the bad guys, Smith is a red team engineer and a professional cyber guy, and so he did what those guys do, and long story short, he hacked into the bad guy's systems, handing over hundreds of thousands of victims names and credit card numbers and over a thousand domain names used by the bad guys.

He handed all that stuff over to U. S. Postal Service and a U. S. bank and other authorities. And they've taken it from there. All the juicy details on that story and all the others are at ThisWeekHealth. com slash news. Thanks again to our two minute drill sponsor, healthcare cyber partner, Fortified Health Security.

With a 98 percent client retention rate and three consecutive best in class awards, Fortified's exclusive focus on healthcare cybersecurity makes them the go to partner for healthcare organizations wanting to strengthen their cybersecurity posture. Find out more at fortifiedhealthsecurity. com. And that's it for today's two minute drill.

Thanks for being here. Stay a little paranoid. I'll see you around campus.