Healthcare organisations targeted by ransomware gangs


Healthcare organisations have a reputation for being IT technology laggards not leaders.

The industry has traditionally been slow to adopt cutting-edge IT.  Unfortunately, this includes cybersecurity where threat actors have been quick to exploit big gaps in defences. 

Recently published research from risk management provider RiskRecon bears this out, showing that more than any other segment healthcare providers are targeted in what the company terms “destructive ransomware events” in which the compromised institution’s operations are disrupted because of encryption of essential systems. 

The study, which examined 1,454 destructive ransomware events that occurred between 2016 and 2023, found that even if an organisation has an excellent security posture itself, if there are any vulnerabilities in its supply chain it could be successfully targeted.

Microsoft’s warning to healthcare

The research was published the same week Microsoft warned that threat actors are leveraging INC Ransom, a ransomware-as-a-service provider, and are taking aim at healthcare organisations. 2024 has been a difficult year for healthcare organisations and ransomware. 

In February, medical payment processor Change Healthcare was hit by a ransomware attack that wreaked havoc on its affiliates who depended on the organisation to handle their financial transactions. 

Access the most comprehensive Company Profiles
on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free
sample

Thank you!

Your download email will arrive shortly

We are confident about the
unique
quality of our Company Profiles. However, we want you to make the most
beneficial
decision for your business, so we offer a free sample that you can download by
submitting the below form

By GlobalData

Country *
UK
USA
Afghanistan
Åland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Australia
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belgium
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint
Eustatius
and
Saba
Bosnia and Herzegovina

Botswana
Bouvet Island
Brazil
British Indian Ocean
Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Canada
Cape Verde
Cayman Islands
Central African Republic

Chad
Chile
China
Christmas Island
Cocos Islands
Colombia
Comoros
Congo
Democratic Republic
of
the Congo
Cook Islands
Costa Rica
Côte d”Ivoire
Croatia
Cuba
Curaçao
Cyprus
Czech Republic
Denmark
Djibouti
Dominica
Dominican Republic
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern
Territories

Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard Island and
McDonald
Islands

Holy See
Honduras
Hong Kong
Hungary
Iceland
India
Indonesia
Iran
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Japan
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
North Korea
South Korea
Kuwait
Kyrgyzstan
Lao
Latvia
Lebanon
Lesotho
Liberia
Libyan Arab Jamahiriya

Liechtenstein
Lithuania
Luxembourg
Macao

Macedonia,
The
Former
Yugoslav Republic of
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia
Moldova
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands

Norway
Oman
Pakistan
Palau
Palestinian Territory
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Réunion
Romania
Russian Federation
Rwanda
Saint
Helena,
Ascension and Tristan da Cunha
Saint Kitts and Nevis
Saint Lucia
Saint Pierre and Miquelon

Saint Vincent and
The
Grenadines

Samoa
San Marino
Sao Tome and Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Singapore
Slovakia
Slovenia
Solomon Islands
Somalia
South Africa
South
Georgia
and The South
Sandwich Islands
Spain
Sri Lanka
Sudan
Suriname
Svalbard and Jan Mayen

Swaziland
Sweden
Switzerland
Syrian Arab Republic
Taiwan
Tajikistan
Tanzania
Thailand
Timor-Leste
Togo
Tokelau
Tonga
Trinidad and Tobago
Tunisia
Turkey
Turkmenistan
Turks and Caicos Islands

Tuvalu
Uganda
Ukraine
United Arab Emirates
US Minor Outlying Islands

Uruguay
Uzbekistan
Vanuatu
Venezuela
Vietnam
British Virgin Islands

US Virgin Islands
Wallis and Futuna
Western Sahara
Yemen
Zambia
Zimbabwe
Kosovo

Industry *

Academia & Education
Aerospace, Defense &
Security
Agriculture
Asset Management
Automotive
Banking & Payments
Chemicals
Construction
Consumer
Foodservice
Government, trade bodies
and NGOs
Health & Fitness
Hospitals & Healthcare

HR, Staffing &
Recruitment
Insurance
Investment Banking
Legal Services
Management Consulting
Marketing & Advertising

Media & Publishing
Medical Devices
Mining
Oil & Gas
Packaging
Pharmaceuticals
Power & Utilities
Private Equity
Real Estate
Retail
Sport
Technology
Telecom
Transportation &
Logistics
Travel, Tourism &
Hospitality
Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and
download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The ALPHV/BlackCat ransomware organisation exfiltrated as much as 4TB of data including medical records and payment information. Change Healthcare allegedly paid the hackers $22m but ultimately expenses associated with the event are likely to top $1b.

Unsafe networks invite ransomware attacks

Of those who had what RiskRecon classified as “poor security hygiene, the company said there were a number of issues underlying this. 

Among those, RiskRecon said they had 7.2 times more high or critical severity issues in their Internet-facing systems. These at-risk organisations had on average 12.2 times more unsafe network services exposed such as Remote Desktop Protocol (RDP). 

These enterprises also had 23.7 times elevated rate of malicious activity and 6.4 times higher encryption configuration issues in critical systems. 

Weekend warriors

In the last three years, just under 48% of the initial attack ingress breached the enterprises either through unsafe network services or unpatched software.

RiskRecon noted that while threat actors launch attacks seven days a week, 46% occur from Friday to Sunday when fewer IT and security staff are likely to be working.


https://www.verdict.co.uk/healthcare-ransomware-threats-security-weakness/