According to the Solutionary security firm's report, health care organizations are over 100 times more vulnerable to ransomware attacks than financial institutions and 21 times more than educational ones.
Threat intelligence analyst Terrance DeJesus states that each year millions of attacks are detected by the Omaha-based security firm. What's concerning is the fact that, in the course of the last six months, 88% of all ransomware hits were against the health care sector.
“These numbers do not count all of the email delivery or exploit kit activity that happens pre-infection and would be attempts to deliver ransomware. These are confirmed ransomware outbreaks on directly affected systems,” DeJesus said.
He also adds that from February to May there has been a huge increase (198%) in the total number of attacks. The analyst thinks the increase is due to a combination of more attacks and better detection.
“The health care industry is a particularly attractive target for cybercriminals,” said the manager of the company’s threat intelligence communication team, Jon-Louis Heimerl. “One reason is that there’s a common belief that health care organizations are behind the technology curve. We have no empirical data to show that, but there is that perception: For instance, health care organizations are often non-profit, and are thought to prefer to spend the limited amount of money that they have on directly helping patients rather than investing in security. There’s a perception that they’re less secure.”
Also, health care organizations store a lot of important information such as patients' records. Once the cybercriminals get access to them, some very detailed personal information is exposed. Birth dates, Social Security and Health Insurance Account numbers, addresses, family members' names and other valuable data are at risk of being leveraged by the crooks in their favor.
“There’s a lot of valuable information in that data set,” Heimerl said.
Moreover, losing these kinds of personal data or the access to it could easily lead to disastrous or even lethal consequences. That’s why attackers rely on the fact that the ransom is more likely to be paid if that could save a person's life.
“With other companies, they want access to their systems so that they can keep selling stuff,” says Heimerl. “But in a hospital, people could die if the doctors didn’t have immediate access to their medical records. If there’s a chance that paying a ransom could result in restoring records, or in getting systems back up and running faster, they might be more inclined to pay up.”
Health care organizations are strongly advised to keep their data systems properly secured. They should invest in reliable off-site backups and test them regularly to see if the files can be easily recovered, because the ransomware invasion is not even remotely close to its end.
DeJesus is even worried that it is a matter of time before the hackers start demanding non-monetary ransoms and the infections become even more catastrophic.
“I think the future of ransomware will definitely continue to grow and develop. Hacktivists will use ransomware for other reasons which don’t involve monetary gain, and it might be even more difficult to give them what they want,” he says.