Beazley’s Q3 Breach Insights Report shows a significant increase in ransomware attacks on the healthcare industry. Of the ransomware attacks handled by Beazley Breach Response (BBR) Services, 37% affected the healthcare industry, which is over three times the number of attacks on the professional services industry (11%).
The report shows a rising trend in cyberattacks where two malware variants are used. One example involved the Emotet banking Trojan with ransomware as a secondary payload. In that case, Emotet was used to steal bank credentials, after which ransomware was deployed and a ransom was demanded for the keys to unlock the encryption. The size of the ransom is highly variable, but can be extortionate. One group demanded a ransom of $2.8 million for the keys to unlock files. In that attack, a large number of devices were encrypted, including backups.
Beazley includes data from Kivu Consulting research, which shows that many attackers use poorly designed ransomware variants. While the ransomware is very effective at encrypting data, it is not so effective at decryption. The result is file corruption or permanently locked files, even if the ransom is paid. Since there is no guarantee that files can be decrypted, it is essential for healthcare organizations to perform regular backups. Backups should also be tested to make sure files can be restored. Since ransomware can encrypt most file types and delete Windows shadow copies, it is essential for a copy of each backup to be stored securely off site.
Beazley’s figures show that small to medium-sized businesses are commonly attacked. 71% of ransomware attacks handled by BBR Services affected small to medium-sized organizations. These organizations may not have the means to pay large ransoms, but attacks on them are easier to pull off than attacks on large organizations with more robust cybersecurity protections.
The Breach Insights Report details other types of data breaches. In Q3, 32% of all healthcare data breaches were accidental disclosures and 30% were hacks/malware incidents. Beazley reports that healthcare hacking/malware incidents have risen from 20% in 2017 to 30% in 2018. Other breaches involved insiders (17%), loss of physical records (9%), and loss of portable electronic devices (6%).