Logo

Cyber-attacks on hospitals spike by 45% worldwide

Check Point Research (CPR) report a 45% increase in cyber-attacks on healthcare organizations worldwide in the last two months, making healthcare the most targeted industry by cyber criminals.

Researchers at cyber-security vendor, Check Point have reported a surge in cyber attacks targeting healthcare organizations across the globe. Since the beginning of November 2020, researchers have documented a 45% increase in cyber attacks targeting healthcare organizations worldwide, placing the healthcare sector at the top of the hit list for cyber criminals, when compared to all other industries.

The surge in cyber attacks on the healthcare sector were double the increase in cyber attacks on all other industries during the same time period, as researchers marked only a 22% increase in attacks on all other sectors outside of healthcare. The increase in attacks involves a range of attack vectors, including ransomware, botnets, remote code execution and DDoS attacks. Ransomware showed the largest increase and poses as the most significant malware threat to healthcare organizations, when compared to other industry sectors.

Cyber attacks by region

The surges in cyber attacks on healthcare organizations occurred mostly in Central Europe (+145%), followed by East Asia (+137%), Latin America (+112%), Europe (67%) and North America (37%). As for specific countries, Canada experienced the most dramatic increase with over a 250% uptick in attacks, followed by Germany with a 220% increase. Spain saw a doubling in ransomware attacks on its healthcare sector.

Omer Dembinsky, manager of data intelligence at Check Point said: "Cyber-attacks on the global healthcare sector are simply getting out of control. This is because targeting hospitals equates to fast money for cyber criminals. These criminals view hospitals as being more willing to meet their demands and actually pay ransoms. Hospitals are completely overwhelmed with rises in coronavirus patients and recent vaccine programs – so any interruption in hospital operations would be catastrophic.

“This past year, a number of hospital networks across the globe were successfully hit with ransomware attacks, making cyber criminals hungry for more. Furthermore, the usage of Ryuk ransomware emphasizes the trend of having more targeted and tailored ransomware attacks rather than using a massive spam campaign, which allows the attackers to make sure they hit the most critical parts of the organization and have a higher chance of getting their ransom paid.”

Security tips for healthcare organizations

1. Look for Trojans – Ransomware attacks don’t start with ransomware. Ryuk and other types of ransomware exploits usually start with an initial infection with a trojan. Often this trojan infection occurs days or weeks before the ransomware attack starts, so security professionals should look out for Trickbot, Emotet, Dridex and Cobalt Strike infections within their networks and remove them using threat hunting solutions – as these can all open the door for Ryuk.

2. Raise your guard on weekends and holidays – most Ransomware attacksover the past year have taken place over the weekends and during holidays when IT and security staff are less likely to be working.

3. Use anti-ransomware solutions – although ransomware attacks are sophisticated, Anti-Ransomwaresolutions with a remediation feature are effective tools which enable organizations to revert back to normal operations in just a few minutes if an infection takes place.

4. Educate employees about malicious emails – Training users on how to identify and avoid potential ransomware attacks is crucial. As many of the current cyber-attacks start with a targeted phishing email that does not even contain malware, just a socially-engineered message that encourages the user to click on a malicious link, or to supply specific details. User education to help identify these types of malicious emails is often considered one of the most important defenses an organization can deploy.

5. Patch virtually – the Federal recommendation is to patch old versions of software or systems, which could be impossible for hospitals as in many cases, systems cannot be patched. Therefore, we recommend using Intrusion Prevention System (IPS)with virtual patching capability to prevent attempts to exploit weaknesses in vulnerable systems or applications. An updated IPS helps your organization stay protected.

A major new CDEI poll finds that the public believe digital technology has a role to play in tacklin...
New report shows how hackers and criminals exploited COVID-19 pandemic in 2020 to target all busines...
Tanium survey of IT decision makers finds that enterprises are observing uptick in risky behaviours...
LogMeIn has published results of a global study executed by IDG that reveals the new reality of long...
Imperva Sonar platform enables organizations to manage complex and automated cyberattack risks.
BlackBerry has released the 2021 BlackBerry Threat Report, detailing a sharp rise in cyberthreats f...
The Privacy Compliance Hub is a clear, user-friendly and engaging way to spread privacy compliance a...
CNI organisations demonstrate strong appetite for digital transformation but misplaced confidence co...