Check Point publishes its annual Security Report, showing how cyber criminals exploited 2020 to target industry sectors across the globe. Cyber attacks on hospitals and healthcare organizations surface as a top hacker trend, as Check Point finds that monthly cyber attacks per healthcare organization jumped 37% in the last 12 months.
- Significant spike in cyber attacks on healthcare sector in September and October 2020 – 71% increase in attacks between September and October
- In November and December 2020, cyber attacks targeting healthcare organizations globally increased by 45% – double the global increase of attacks seen in the same time period across all industry sectors
- Ransomware technique “double-extortion”, where hackers threaten to publicly leak stolen data, rose in 2020
- Other key trends in 2021 Security Report include adoption of public cloud, rise of ‘thread hijack” attacks on remote workers, and growth in banking and information-stealing mobile Trojans
- Report provides global malware statistics and analysis by region: America, EMEA and APAC
Check Point has published its 2021 Security Report. Each year, the company shows how cyber criminals exploited the previous year to target industry sectors across the globe. Among the primary highlights of this year’s report is the fast-growing trend of cyber attacks on hospitals and healthcare organizations.
Escalation in Cyber Attacks on Hospitals
Healthcare places near the top of industries most targeted by hackers. The chart below demonstrates the increase in attack rate per healthcare organization throughout 2020 and the beginning of 2021. The attack rate increased by roughly 37%.
The graph above also shows a steep rise in cyber attacks on healthcare organizations beginning in September and October of 2020. Recent Check Point Research from October showed that healthcare is currently the most targeted industry in the US, with a 71 percent increase in attacks compared to September. Towards the end of October, the US CISA, FBI, and HHS released a warning about an increase in Ryuk ransomware attacks on U.S. hospitals. In November and December 2020, there was an increase of over 45% in the amount of cyber attacks targeting healthcare organizations globally – double the global increase of attacks seen in the same time period across all industry sectors, which was 22%.
Double-extortion Ransomware Attacks Rose in 2020
One of the most prolific cyber threats hospitals and healthcare organizations face is ransomware. Behind ransomware is the hacker technique of what is known as “double-extortion”. Here, a cybercriminal launches a multi-stage ransomware attack, combining the traditional encryption of the victim’s files with exfiltration of data. The attacker then threatens to release the breached data publicly unless the ransom payment is paid within the designated timeframe. This puts additional pressure on victims to meet the attackers’ demands, as well as exposing the victim to penalties from data watchdogs, and the need to alert affected patients and partners whose data was breached. Research shows that in Q3 2020, nearly half of all ransomware incidents involved the threat of releasing data stolen from the target organization. On average, a new organization becomes a victim of ransomware every 10 seconds worldwide.
Why Hospitals? Why Now?
According to Lotem Finkelsteen, Head of Threat Intelligence at Check Point: “All hospitals everywhere should be concerned. It’s no secret that coronavirus has changed the way we live, but many don’t fully see how the virus changed hacker behavior. The influx of coronavirus patients has completely inundated hospitals. Hackers see this and have clearly showed growing interest throughout 2020, and they are actively trying to take advantage. Hackers are further motivated by the wide vaccine distribution programs taking place at healthcare centers. We expect hackers to not stop targeting hospitals, as their exploits have provided to be lucrative at times. Hospitals should educate their staff on the risks of malicious emails, as it can usually take just one sketchy email to take down an entire hospital’s network.”
Other Key Trends in the Report
- Cloud adoption races ahead of security: 2020 saw organizations’ digital transformation programs advance by over five years in response to the pandemic, but public cloud security is still a major concern for 75% of enterprises. Also, over 80% of enterprises found their existing security tools don’t work at all or have only limited functions in the cloud, showing that cloud security problems will continue into 2021.
- Remote working is targeted: hackers ramped up ‘thread hijacking’ attacks on remote workers to steal data or infiltrate networks using the Emotet and Qbot trojans, which impacted 24% of organizations globally. Attacks against remote access systems such as RDP and VPN also increased sharply.
- Mobiles are moving targets: 46% of organizations had at least one employee download a malicious mobile application, which threatens their networks and data in 2020. The increased use of mobiles during global lockdowns has also driven growth in banking and information-stealing mobile Trojans.
Quote: Dr. Dorit Dor, VP of Products at Check Point:
“Businesses globally surprised themselves with the speed of their digital initiatives in 2020: it’s estimated that digital transformation was advanced by up to seven years. But at the same time, threat actors and cyber criminals also changed their tactics so that they could take advantage of these changes, and the pandemic’s disruption, with surges in attacks across all sectors. We need to act now to stop this cyber pandemic spreading out of control. Organizations need to vaccinate their hyper-connected networks to prevent these damaging cyber-attacks that cause so much disruption.”
*Check Point’s 2021 Security Report is based on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cybercrime which delivers threat data and attack trends from a global network of threat sensors; from Check Point’s research investigations over the last 12 months; and on recent survey reports by Check Point of IT professionals and C-level executives. The report examines the latest emerging threats across industry sectors, and gives a comprehensive overview of the trends observed in the malware landscape, in emerging data breach vectors, and in nation-state cyber-attacks. It also includes expert analysis from Check Point’s thought leaders; to help organizations understand and prepare themselves for today´s and tomorrow’s complex threat landscape.