Many ransomware attacks are still carried out on healthcare companies, however, finding out the magnitude to which healthcare providers are being attacked by ransomware groups is a difficult task. Ransomware attack victims do not usually document the occurrences concerning ransomware, and ransomware groups don’t openly reveal attacks if the ransom is paid.
The character of the attacks performed by ransomware gangs is additionally changing. A number of ransomware groups choose to carry out extortion-only attacks, in which sensitive information is extracted from systems, and issues a ransom demand to stop its being posted or sold. Nevertheless, malware isn’t employed for file encryption. The choice of whether or not to encrypt seems to be determined on an attack-by-attack basis.
The cybersecurity company Emsisoft monitors ransomware attacks and creates yearly reports that offer ideas into the scope to which ransomware is utilized in cyberattacks, however, Emsisoft states that it is hard to create good statistics. The report this year indicates over 200 big companies in the U.S. were attacked in education, government, and medical care. Attacks in the education industry have continued to be quite constant in the last 4 years having from 84 to 89 attacks every year. There were 102 attacks on state and local governments in 2022 compared to the regular of 102 attacks annually.
Compiling important data on attacks on healthcare companies was notably difficult because though HIPAA has reporting specifications, it isn’t required to make known the particular nature of the attacks or publish information. Because of this, regarding the 2022 report, Emsisoft didn’t gather information for healthcare companies. Instead, it studied hospitals and multi-hospital health networks.
The researchers of Emsisoft gathered facts from breach reports, breach notices, dark web data leak websites, and third-party intelligence. According to this data, it was found that a minimum of 105 counties, 44 universities, 45 school districts, and 25 healthcare organizations experienced ransomware attacks in 2022. The correct figure is likely considerably higher because of insufficient in-depth reporting.
In all ransomware attacks and verticals, attackers stole data before encrypting files in about one-half of the attacks, nevertheless, data theft was a lot more typical in attacks on hospitals. Of the 24 verified incidents in hospitals, data theft happened in 17 of those attacks (68%). Because of the insufficient correct information published by healthcare companies and their business associates, it’s not possible to definitively identify if cyber attacks have plateaued, is rising, or decreasing. What is obvious is that the healthcare industry remains targeted and a large number of patients were impacted by the attacks.
A number of the attacks were carried out on multi-hospital health systems, and 290 hospitals throughout the country were possibly affected by the cyberattacks. The 150 hospitals managed by CommonSpirit Health were included in the latest reported exposure of the protected health information (PHI) of 623,774 patients. CommonSpirit Health just affirmed that a few of its hospitals were impacted.
These attacks frequently end in the theft of patient information, which can adversely impact patients and make them prone to identity theft and fraud. However, the most critical effects are on patient wellness. Research has been performed that suggests a rise in mortality subsequent to a ransomware attack and a bad effect on patient results because of delays in getting test results, late consultations, and canceled surgical procedures. Although no deaths were ascribed to ransomware attacks, patient results are affected by the delays in obtaining a cure. Emsisoft highlights one attack that led to using a computer system for calculating medicine dosages, which ended in a 3-year-old individual being given a considerable overdose of pain medication.