3rdPartyFeeds

Healthcare organisations targeted by ransomware gangs

More than any other sector, healthcare organisations are the target of ransomware attacks. Recent research makes the supply chain connection. Read More...

Healthcare organisations have a reputation for being IT technology laggards not leaders.

The industry has traditionally been slow to adopt cutting-edge IT.  Unfortunately, this includes cybersecurity where threat actors have been quick to exploit big gaps in defences. 

Recently published research from risk management provider RiskRecon bears this out, showing that more than any other segment healthcare providers are targeted in what the company terms “destructive ransomware events” in which the compromised institution’s operations are disrupted because of encryption of essential systems. 

The study, which examined 1,454 destructive ransomware events that occurred between 2016 and 2023, found that even if an organisation has an excellent security posture itself, if there are any vulnerabilities in its supply chain it could be successfully targeted.

Microsoft’s warning to healthcare

The research was published the same week Microsoft warned that threat actors are leveraging INC Ransom, a ransomware-as-a-service provider, and are taking aim at healthcare organisations. 2024 has been a difficult year for healthcare organisations and ransomware. 

In February, medical payment processor Change Healthcare was hit by a ransomware attack that wreaked havoc on its affiliates who depended on the organisation to handle their financial transactions. 

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The ALPHV/BlackCat ransomware organisation exfiltrated as much as 4TB of data including medical records and payment information. Change Healthcare allegedly paid the hackers $22m but ultimately expenses associated with the event are likely to top $1b.

Unsafe networks invite ransomware attacks

Of those who had what RiskRecon classified as “poor security hygiene, the company said there were a number of issues underlying this. 

Among those, RiskRecon said they had 7.2 times more high or critical severity issues in their Internet-facing systems. These at-risk organisations had on average 12.2 times more unsafe network services exposed such as Remote Desktop Protocol (RDP). 

These enterprises also had 23.7 times elevated rate of malicious activity and 6.4 times higher encryption configuration issues in critical systems. 

Weekend warriors

In the last three years, just under 48% of the initial attack ingress breached the enterprises either through unsafe network services or unpatched software.

RiskRecon noted that while threat actors launch attacks seven days a week, 46% occur from Friday to Sunday when fewer IT and security staff are likely to be working.

Read More

Add Comment

Click here to post a comment