Many ransomware attacks are still carried out against healthcare providers; however, determining the extent to which healthcare companies are being targeted by ransomware attackers is a problem. Victims of ransomware attacks don’t often report the events, and ransomware gangs never freely expose attacks after receiving ransom payments.
The dynamics of the attacks carried out by ransomware groups are likewise changing. Several ransomware gangs choose to perform extortion-only attacks, in which sensitive information is exfiltrated from networks and a ransom demand is issued to avert the publishing or selling of the stolen information, but malware isn’t used for file encryption. Whether to encrypt is decided on an attack-by-attack basis.
The cybersecurity organization Emsisoft keeps track of ransomware attacks and publishes annual reports on the extent to which ransomware is employed in cyberattacks; however, Emsisoft says that it is difficult to generate trustworthy statistics. This year’s report reveals that more than 200 large organizations in the United States were attacked in the education, government, and healthcare verticals. Attacks in the education sector have been fairly steady over the past 4 years, with between 84 and 89 attacks annually. There were 102 attacks on local and state governments in 2022 as opposed to the regular 102 attacks per year.
Compiling useful data on attacks on healthcare providers was especially difficult because, even though HIPAA has reporting requirements, it does not require revealing the precise nature of the attacks or disclosing particulars. Therefore, for the 2022 report, Emsisoft didn’t gather data for healthcare organizations. Instead, it looked at hospitals and multi-hospital health systems.
Emsisoft’s researchers compiled information from public breach notices, breach reports, dark web data leak websites, and third-party intelligence. According to this data, at least 105 counties, 45 school districts, 44 universities, and 25 healthcare companies encountered ransomware attacks in 2022. The real figure is possibly substantially higher because reporting is not comprehensive.
Across all ransomware attacks and verticals, threat actors stole data prior to encrypting files in approximately 50% of the attacks; however, data theft was far more common in ransomware attacks on hospitals. Of the 24 reported attacks on hospitals, data theft occurred in 17 of those attacks (68%). Because healthcare entities and their business associates release so few precise details, it isn’t possible to determine definitively whether ransomware attacks have plateaued, are escalating, or are going down. What is apparent is that the healthcare market is still targeted and many patients were impacted by the attacks.
Many of the attacks were performed on multi-hospital health systems, and 290 hospitals across the country were probably affected by the attacks. The 150 hospitals run by CommonSpirit Health were included in the recently reported compromise of the protected health information (PHI) of 623,774 patients. CommonSpirit Health recently confirmed that some of its hospitals were impacted.
These attacks usually lead to the theft of patient files, which can badly affect patients and make them vulnerable to identity theft and fraud. Nevertheless, the most severe impacts are on patient health. Scientific studies have shown higher mortality right after a ransomware attack and an adverse impact on patient outcomes as a consequence of delays in getting test results, delayed visits, and canceled operations. Though no deaths were linked to ransomware attacks, patient conditions are affected by the delays in obtaining therapy. Emsisoft mentions one attack that ended in the use of a computer system for computing medicine dosages, which resulted in a 3-year-old patient being given a substantial overdose of pain drugs.