Reports: Ransomware Attacks Increase as Healthcare Sector is Heaviest Hit

November 7, 2018


As per the latest Beazley’s Q3 Breach Insights Report, Cyber Criminal campaigns attacks are rising again and healthcare is the most targeted sector.

Ransomware attacks on healthcare groups comprised 37% of those managed by Beazley Breach Response (BBR) Services. This figure is more than three times the number of attacks faced by Professional facilities, the second most targeted industry with 11%.

Other cybersecurity firms including Kaspersky Lab, McAfee, and Malwarebytes have all issued reports in 2018 that show ransomware attacks are decreasing; nevertheless, Beazley’s figures show that monthly rises in attacks happened in August and September, with double the number of attacks in September compared to August.

The report emphasizes a clear tendency in cyberattacks involving several malware variations. One of these involved the Emotet banking Trojan downloaded as the main payload with an additional payload of ransomware.

Emotet is used to steal bank identifications and can download additional malevolent payloads. As soon as credentials have been seized, a ransomware payload is downloaded and deployed. This two-pronged plan has been applied by many threat groups. The ransom demands can be substantial. One group asked for a $2.8 million ransom after an extensive infection that included the encryption of standbys.

Beazley refers to research performed by Kivu Consulting that shows there has been an increase in the use of rough and ready ransomware variations that use strong encryption to safeguard files, however, lack the functionality to let the complete decryption of data. These cyberattacks can see files remain locked even if a ransom is paid or the encryption/decryption procedure can result in file corruption and major data loss.

These cyberattacks indicate how important it is for groups to carry out constant backups and to test those backups to make sure that file recovery is possible. Healthcare groups must consider a 3.2.1 strategy to backing up: Create three backup copies, on at least two separate media, with one copy saved safely offsite.

It’s not astonishing that large groups are an attractive mark for cybercriminals. Huge numbers of encrypted appliances mean higher ransom demands can be requested. Big groups are also more likely to have reserves available to pay high ransoms, even though they also have more resources to devote to cybersecurity.

Cyberattacks on small to medium-sized firms are typically easier and this is verified in Beazley’s figures. Out of the ransomware cyberattacks that the BBR Facilities team have administered, 71% of sufferers were small to medium-sized firms.

The Breach Insights report demonstrates, unlike most industry sectors, accidental revelations are the main kind of data violation in the healthcare sector and making up 32% of all data breaches in Q3, closely followed by hacks/malware occurrences on 30%. Beazley comments that healthcare cyberattack occurrences have increased from 20% to 30% this year. 17% of breaches were started by internal members of staff, 9% saw the loss of physical records, and 6% involved the loss of moveable electronic computing equipment.