According to a newly released report by Check Point Research today, this surge has made the medical industry the main target for cybercriminals when compared to around an increase of 22% in cyberattacks targeting all other industries on the planet seen throughout the same interval of time.
Weekly cyberattacks against the healthcare industry reached an average of 626 per organization in November compared to 430 the month prior, with types of cyber attacks ranging from ransomware, botnets, remote code execution, and DDoS, meaning distributed denial-of-service attacks.
Ransomware attacks launched against hospitals marked their largest threat, with the emerging Ryuk and Sodinokibi ransomware variants that have been used by some felony committing criminal hacker groups.
Check Point’s manager of data intelligence, Omer Dembinsky said, “The usage of Ryuk emphasizes the trend of having more targeted and tailored ransomware attacks rather than using a massive spam campaign, which allows the attackers to make sure they hit the most critical parts of the organization and have a higher chance of getting paid.”
Central Europe was on the top of the list of impacted regions by the rise in attacks made against healthcare organizations that had seen a 145% increase in November, the next most affected being East Asia (up 137%), then Latin America (up 112%). Europe and North America witnessed a 67% and 37% increase respectively.
The surge comes after a joint advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) this past October, which warned of an “elevated and imminent cybercrime risk to hospitals and healthcare providers in the United States.
The alert cautioned of adversaries concentrating on the Healthcare and Public Health (HPH) sector with BazarLoader and TrickBot malware, leading to ransomware infections, stolen data, and healthcare services experiencing disruptions.
Over the past couple of months, state-sponsored actors have accelerated their cyber assaults aimed at government health ministries and businesses active in distributing COVID-19 vaccines and launching ransomware assaults on pharmaceutical companies like Dr. Reddy’s Laboratories that are currently carrying out vaccines trials.
Instances of Ransomware, specifically, have been capitalizing on the coronavirus pandemic, especially because of how it increases the odds that hospitals will give in to demands from hackers in order to quickly get back to treating their vulnerable patients. There have even been patients who’ve died as a direct result of such cyberattacks. The University of California paid a ransom of 116 bitcoin ($1.14 million) to hackers after its systems were compromised by a NetWalker attack back in June of 2020.
“Medical services and research organizations [have become] targets for attacks seeking to steal valuable commercial and professional information or to disrupt vital research operations,” researchers with Check Point Research CONCLUDED.
“As the world’s attention continues to focus on dealing with the pandemic, cybercriminals will also continue to use and try to exploit that focus for their own illegal purposes — so it’s essential that both organizations and individuals maintain good cyber-hygiene to protect themselves against Covid-related online crime.”
Kyle James Lee – The AEGIS Alliance – This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.