Recent research has found that healthcare is the business vertical most impacted by ransomware, as gangs are increasingly focusing on hospitals largely because of their intense pressure to meet their illegal demands. In fact, they warn that things could worsen during the holiday season over Europe and North America as hackers tend to strike during off-hours.
The study was conducted by Check Point Research (CPR) around ransomware attacks during the third quarter of 2022 and a key finding is that the healthcare sector was the most targeted industry in terms of ransomware in the third quarter of 2022, with one in 42 organizations impacted by ransomware, a 5% increase YoY.
CPR also shared global statistics for overall cyberattacks and by region, where education/research and Asia were top targets for overall cyberattacks. Some key figures as follows:
- Healthcare (1 in 42 organizations impacted by ransomware, a 5% increase YoY)
- Asia experienced the highest volume of cyberattacks with 1778 weekly attacks per organization on average and which is an increase of 21% compared to the same period last year.
- 28% increase in global cyberattacks compared to the same period in 2021
- Education/Research was most attacked by overall cyberattacks in Q3, with an average of 2,148 attacks per organization every week, an increase of 18% compared to third quarter of 2021
TEONG Eng Guan, Business Leader, ASEAN & KoreaCheck Point Software Technologies, says, “Ransomware gangs continue to focus their efforts on targeting hospitals, largely because of intense pressure for these organizations to respond fast. A ransomware attack on a hospital can lead to potentially catastrophic consequences, such as delayed surgeries, hold ups in patient care and rescheduled doctor appointments.
“In fact, we’re seeing that one out of every 42 healthcare organizations we track is the target of a ransomware operation. Even if an attack doesn’t shut a hospital down, it can knock some or all digital systems offline, cutting doctors’ and nurses’ access to digital information like patient records and recommendations for care. Hospital organizations should keep their programs up-to-date, only download items from known sources, and constantly back-up data. As we begin to close out the year and enter the holidays, hospitals should stay on high-alert, as ransomware gangs love to strike during this period as staff begin to take time off, the official says.”
Don’t wait for the next attack – prevention is possible
There are several best practices and actions a company can take to minimize their exposure to the next attack or breach. Prevention is possible. Here are some of the steps hospitals around the world can take to prevent cyberattacks:
- Cyber Awareness Training: Phishing emails are one of the most popular ways to spread ransomware. By tricking a user into clicking on a link or opening a malicious attachment, cybercriminals can gain access to the employee’s computer and begin the process of installing and executing the ransomware program on it. Frequent cybersecurity awareness training is crucial to protecting the organization against ransomware. This training should instruct employees to do the following:
- Not click on malicious links
- Never open unexpected or untrusted attachments
- Avoid revealing personal or sensitive data to phishers
- Verify software legitimacy before downloading it
- Never plug an unknown USB into their computer
- Use a VPN when connecting via untrusted or public Wi-Fi
- Up-to-Date Patches: Keeping computers and servers up-to-date and applying security patches, especially those labeled as critical, can help to limit an organization’s vulnerability to ransomware attacks.
- Keep your software updated. Ransomware attackers sometimes find an entry point within your apps and software, noting vulnerabilities and capitalizing on them. Fortunately, some developers are actively searching for new vulnerabilities and patching them out. If you want to make use of these patches, you need to have a patch management strategy in place—and you need to make sure all your team members are constantly up to date with the latest versions.
For some businesses it may be beneficial to employ the help of tools that fortify endpoint resilience and secure remote users. Check Point Harmony, for instance, uses real-time threat intelligence to actively guard against zero-day phishing campaigns, and URL filtering to block access to known malicious websites from any browser.
Anti-ransomware technology allows hospitals to detect signs of ransomware and uncover running mutations of known and unknown malware families by using behavioral analysis and generic rules.
- Deploy Email Security Solutions– Modern email filtering solutions can protect against malware and other malicious payloads in email messages. Solutions can detect emails that contain malicious links, attachments, spam content, and language that could suggest a phishing attack. Email security solutions automatically block and quarantine suspicious emails and use sandboxing technology to “detonate” emails to check if they contain malicious code.
- Choose Prevention over detection: Traditional cybersecurity vendors often claim that attacks will happen, and there is no way to avoid them, and therefore the only thing left to do is to invest in technologies that detect the attack once it has already breached the network and mitigate the damage as soon as possible. This is not true. Not only can attacks be blocked, but they can be prevented, including zero-day attacks and unknown malware. With the right technologies in place, most attacks, even the most advanced ones, can be prevented without disrupting the normal business flow
