Ransomware Attacks Rise: Healthcare Industry Most Heavily Targeted

Ransomware attacks are on the increase once more and healthcare is the most targeted industry, as per the lately issued Beazley’s Q3 Breach Insights Statement.

37% of ransomware attacks handled by Beazley Breach Response (BBR) Facilities affected healthcare companies – more than three times the number of attacks as the second most targeted industry: Professional services (11%).

Kaspersky Lab, McAfee, and Malwarebytes have all issued reports in 2018 that indicate ransomware attacks are in decline; nevertheless, Beazley’s figures demonstrate monthly rises in attacks in August and September, with twice the number of attacks in September compared to the preceding month. It is too early to state if this is just a blip or if attacks will carry on to increase.

The report emphasizes a growing tendency in cyberattacks involving several malware variations. One instance of which was a promotion over the summer that saw the Emotet banking Trojan copied as the primary payload with a secondary payload of ransomware.

Emotet is used to steal bank identifications and has the ability to download more malevolent payloads. As soon as identifications have been obtained, a ransomware payload is downloaded and executed. This twofer strategy has been adopted by numerous threat groups. The ransom demands can be substantial. One group demanded a $2.8 million ransom after a widespread infection that contained the encryption of backups.

Beazley quotes research carried out by Kivu Consulting that demonstrates there has been a rise in the use of rough and ready ransomware variations that use strong encryption to lock files yet lack the functionality to permit the complete decryption of data. These attacks can see files remain locked even if a ransom is paid or the encryption/decryption procedure can lead to file corruption and substantial data loss.

These attacks demonstrate how crucial it is for companies to execute regular backups and to check those backups to make sure that file recovery is possible. Healthcare companies should consider a 3.2.1 method to backing up: Create three backup copies, on at least two different media, with one copy stored securely offsite.

It stands to reason that big companies are an attractive target for cybercriminals. Large numbers of encrypted appliances mean higher ransom demands can be issued. Big organizations are also more likely to have funds available to pay large ransoms, even though they also have more funds to devote to cybersecurity.

Attacks on small to medium-sized companies are usually easier and this is shown in Beazley’s figures. Out of the ransomware attacks that the BBR Services team have handled, 71% of sufferers were small to medium-sized companies.

The Breach Insights report demonstrates that in contrast to most industry sectors, unintentional exposures are the prominent kind of breach in the healthcare industry and accounting for 32% of all data breaches in Q3, closely followed by hacks/malware occurrences on 30%. Beazley notices that healthcare hacking/malware occurrences have risen from 20% to 30% in 2018. 17% of breaches were caused by insiders, 9% involved the loss of physical records, and 6% involved the loss of moveable electronic appliances.