Healthcare is the Critical Infrastructure Sector Most Targeted by Ransomware Groups

The FBI has released its annual Internet Crime Report, which confirms that healthcare suffered more ransomware attacks last year than any other critical infrastructure sector. The FBI’s Internet Crime Complaint Center (IC3) received 2,825 complaints about ransomware attacks in 2023, with 1,193 of those complaints coming from critical infrastructure entities. Healthcare organizations reported 249 complaints. Across all sectors, ransomware attacks increased by 18% from 2022 and ransom payments increased by 74% to $59.6 million.

There are several reasons behind the increase in reported attacks and losses. Victims of attacks are more willing to report attacks to the FBI, and attackers have evolved their tactics to generate more ransom payments, such as using multiple ransomware variants in attacks and conducting data destruction attacks.

LockBit was the most active ransomware group in 2023 with 175 reported attacks on critical infrastructure entities, followed by ALPHV/Blackcat with 100 attacks. The latter group appears to have shut down its operation after a major attack on Change Healthcare. A $22 million ransom was paid in that attack to ensure that the stolen data was deleted; however, the Blackcat affiliate behind the attack still has a copy of the data. The $22 million ransom payment represents only a tiny fraction of the cost of the attack, which has caused more than 2 weeks of disruption. The attack is estimated to be costing providers across the country more than $1 billion a day due to the unavailability of Change Healthcare’s systems.

The FBI report is based on complaints received by IC3. Many organizations do not report attacks to the FBI, so it is difficult for the FBI to determine the true scale of attacks. As an example, the FBI explained that a law enforcement operation against the Hive ransomware group in 2023 saw the FBI gain access to the group’s servers, which revealed that only 20% of the group’s ransomware victims notified the FBI about the attacks.

The FBI encourages all victims of ransomware attacks to report them, regardless of whether the ransom is paid. The FBI discourages payment of the ransom but accepts the business decisions of companies to make payments when they are faced with extensive disruption and data loss. When attacks are promptly reported, the FBI can offer assistance with recovery, investigate attacks to gain insights into the tactics being used by ransomware gangs to warn other organizations, and ultimately take steps to bring the perpetrators to justice. The FBI can also help to recover stolen data and potentially seize or recover ransom payments.

“The FBI continues to combat this evolving cyber threat. Our strategy focuses on building strong partnerships with the private sector; removing threats from US networks; pulling back the cloak of anonymity many of these actors hide behind; and hitting cybercriminals where it hurts: their wallets, including their virtual wallets,” explained the FBI in the report.

In total, the FBI received 880,418 complaints about cybercrime in 2023, up 10% from the previous year, and losses to cybercrime were up 22% to $12.5 billion. The biggest cause of losses was investment fraud, with losses increasing by 38% year-over-year to $4.57 billion. Business email compromise (BEC) was the second biggest cause of losses, with adjusted losses of more than $2.9 billion. While only accounting for a relatively small percentage of the $12.5 billion in losses, phishing was the biggest reason for complaints, with 298,878 complaints received.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/